We provide a proactive approach to network security, by actively ‘hunting’ for intrusions and adversarial activity, as opposed to passively hoping for tools to alert on anomalies. We’ll train your in-house IT staff to be the hunters, or we can handle the hunting from our operations center.
If your organization suffers from a cybersecurity attack, law enforcement is almost 10 times more likely to report that attack to you than any Managed Security Service Provider (MSSP) you may hire 1. In fact, your users, not even having been trained to recognize attacks, are around 4 times more likely to discover an attack than an MSSP. Considering that finding and reporting on attacks is exactly what an MSSP is supposed to do, those statistics are pretty pathetic.
At Haight Bey we take a different approach. Haight Bey isn’t an MSSP: instead we are a Cybersecurity Empowerment service provider. What does that mean? We help you set up tools to monitor your network, and teach members of your organization to use those tools and other simple techniques to actively look for attacks. We teach and empower you to “Hunt” your own network, from the inside out, to reverse the roles and make the attackers your prey. This is exactly the approach we take in defending our own corporate network and information.
To help you Hunt, we will design custom tools, techniques, and procedures for your particular environment. Haight Bey is product agnostic, in that we aren’t married to any particular cybersecurity vendor or product. We certainly don’t buy into the snake oil most cybersecurity vendors are pushing. There are plenty of open source, cheap (even free) tools to pick from that we can implement to help monitor and Hunt your organization’s network environment. We’ll help you pick the right tools to mitigate your organization’s cybersecurity risk and realize a return on investment.
We’ll then help you identify members of your own staff to train on these tools, techniques, and procedures. It may be surprising, but in the long run it will be more cost-effective to have someone inside your organization do the Hunting, than to pay an MSSP to passively monitor from the outside. The statistics don’t lie. There has to be a human in the loop to confirm anomalies, and what better human than someone who knows your business processes and the IT systems that support those processes. Additionally, if you are worried about having to hire more staff, the Hunter doesn’t need to be full-time—Hunting your network as little as one day a week provides significant added value to your cybersecurity program.
Haight Bey will be there all along in the process, helping your Hunter learn new techniques, and when he or she does find the inevitable attack, we’ll be right behind them as they work to thwart the attack and minimize any damage done. We’ll then analyze the attack vector, and move to the next phase of the Haight Bey cybersecurity cycle, where we help Heal your network to prevent similar future attacks