Digital Arts Consulting, release Cybersecurity Operational Improvement & Management Service by Exabeam Smarter SIEM
~ Support for the New Normal of Cybersecurity Operation, to archive 30% cost reduction^* ~

In an enterprise environment where advanced cybersecurity measures are required, Digital Arts Consulting, Inc., which handles CISO services (Security Consulting Services), Headquarters: Chiyoda-ku, Tokyo, President and CEO Tadao Matsumoto, digital arts consulting firm, has signed a reseller agreement with Exabeam,Inc.. (Headquarters: California, USA, Co-Founder and CEO: Nir Polak, Exabeam) to help organizations reduce their operating costs by 30% which Gartner predicts that it will be realized cost down through hyperautomation technologies and redesign of business processes by 2024 and release "Cybersecurity Operational Improvement and Management Service" which provides total support from consulting of business improvement to operational design and implementation. DAC and Exabeam will support for the development of a new normal of Cybersecurity Operation.

Increasing of importance for the corresponding of Cybersecurity IR Operation

Over the past few years there has been a digital transformation, which has been deployed worldwide regardless of industry or country, and COVID-19, has been causing a pandemic around the world. Through the unprecedented situation, we have to redefine and apply new business models and work styles without waiting. Among them, Japanese companies are particularly slow to take actions in building of cybersecurity incident and response processes. So far, many Japanese companies acquired ISO27001/ISMS compare with others. The certified security guideline is to focus on global standard of security audit, especially for Identity and Protect processes. Therefore, they have not covered it. If the lack of security operations is left unchecked, there is a possibility that the increase in security risks not only for general digital risk such as information leakage and denial of service but also for business continuity, increasing of outsourcing cost, and loss of business opportunities. So far, it was necessary for these enterprise companies to allocate highly skilled engineers that could handle any alerts from multi-vector methodologies, email and syslog, investigate and analyze the incidents deeply and create large-scale organizations and systems to operate it. However, due to enhancing of SOAR technology, it can be realized for integrated alert management and orchestration of security operational task and process and automation.

In addition to support for the SOAR features, Exabeam has the ability for a new Smarter SIEM that can identify behaviors easily that may be abnormal and dangerous through AI based advanced analytics technologies. This enables us to renew our security operations, which have been essential for relying on some experts and building large-scale systems, and improves operational ROI due to releasing from legacy struggled operations and optimization of human resources to cut off considerable time and effort on the current security operations.

Exabeam's Advanced Analytics (UEBA Platform) consist of four engines that are context, session, behavioral and risk. It generates a timeline of sessions, events, and objects from a vast number of log sources. And then it learns about the usual behavior of those people, objects in organizations and create profiling of behavior, then score the risk by using machine learning technology so that analysts can act quickly and appropriately. It is easy to identify users who are acting unusually and dangerously.
However, in order to implement such a new normal security operation, it is necessary to visualize and organize current operational tasks, processes and communication flows, then redesign and implement for the new normal security operation by removing the current issues and by utilizing of Smarter SIEM. As the consulting, design and implementation phase, it is important to support by high skilled consultants and engineers engaged by one team.

One-stop support by Digital Arts Consulting's own unique Cybersecurity

Digital Arts Consulting is capable of establishing a new normal of cybersecurity operations from both the aspects of consulting and engineering such as operational design, implementation and support with client centric approach that can improve the client business.
In addition to consulting experience and knowledge in the cybersecurity field that have been conducted in various companies, the support of "NIST SP800-171" also includes "Cyber Hygiene" , "Cloud Posture Management (CSPM)" and "Privilege Access Management(PAM)" as our own services. Through the one stop support by integrated these services, we can solve client's business challenge, and we can provide concrete solutions that take into account actual implementation and operation.

• * Gartner, Inc. The Gartner Predicts 2020: RPA Renaissdriven Driven by Morphing Offerings and Zeal for Operational Excellence Report (December 10, 2019) predicts that by 2024, the organization will reduce operating costs by 30% through combining hyperautomation technology and redesigned operational processes.
  https://www.gartner.com/en/documents/3976135/predicts-2020-rpa-renaissance-driven-by-morphing-offerin,
• * Exabeam, Inc. In a joint study with the Ponemon Institute, a U.S. research firm, found that organizations waste about 25% of their time on legacy tools tracking false positives, the report says that companies have been able to reduce the total time spent on security tasks by 51%.
  https://www.exabeam.com/pr/ponemon-institute-reveals-security-teams-spend-approximately-25-percent-of-their-time-chasing-false-positives-response-times-stymied-by-legacy-tools/

Overview of Cybersecurity Operational Improvement & Management Service

1. Risk Assessment Service

Digital Arts Consulting consultants organize fit & gap and business flow along customer security guidelines, security information standard policy and current operation, IT assets, and operation systems. The solution architect then joins in to investigate for existing design, layout and configuration, and organize to fit Exabeam Smarter SIEM on this environment. Through this approach, we can support for visualization of the client requirement and propose for the concrete solution that client doesn't know what the best is.

2. Cybersecurity Operational Improvement & Management Service

Digital Arts Consulting's solution architect executes the proof of value (POV) to verify the hypothesis, organized by risk assessment services. By the collecting data and result through the PoV, we arrange suitable conceptual design that value in consideration of the actual business, then do an implementation, operational design and operational support by extracted conceptual design.

Functions of the Product

Exabeam's Security Management Platform (SMP) consist of modular architectures. It can be selected from each module by client requirement flexibly.

1) Data collection (Big Data Architecture)

• Data Lake: Log collection and management capabilities, not limited log size
• Cloud Connector: Ability to collect more than 40 cloud service logs such as Office365 and Box

2) Detection and investigation (Analytics & Machine Learning)

• Advanced Analytics: Behavior based log analysis as people (includes unknown threats, internal fraud measures)
• Entity Analytics: Behavior based log analysis as entities such as servers, terminals, IoT, etc. (including unknown threat measures)
• Threat Hunter: Threat searching feature that extract the scoped suspicious information by GUI without complex query syntax

3) Support (Security Orchestration)

• Incident Responder: Orchestration and Automation
• Case Manager: Incident Case Management

Features of DAC Services

1. CSPM (Palo Alto Networks Prisma Cloud) x Smarter SIEM (Exabeam SMP)

* Provides one-stop CSPM service: multi-cloud posture management, design of incident response, and improvement of operational management

2. Cyber Exposure (Tenable Tenable.io) x Smarter SIEM (Exabeam SMP)

* Provide one-stop Cyber hygiene service: Visualization of business risk, vulnerabilities x threats, design of incident response, and improvement of operational management

3. PAM (CyberArk PAS) x Smarter SIEM (Exabeam SMP)

* Provide one-stop PAM service: Privilege authority design, threat detection, design of incident response, and improvement of operational management.

Digital Arts Consulting will support for the enterprise clients to strengthen cybersecurity environment, which will become increasingly important in the future, and to propose outcome based cybersecurity solution, merged with our own services and this cybersecurity operational improvement & management service by Exabeam Smarter SIEM.

Product

Exabeam Security Management Platform (SMP)

The Exabeam Security Management Platform is a modern SIEM that helps security teams work smarter. Organizations can take advantage of its big data architecture, advanced analytics, and automation capabilities.

The modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. Organizations can choose from two deployment paths, replacing SIEM or augmenting SIEM. Exabeam Advanced Analytics uses four Engines: Context Engine, Session Engine, Behavioral Engine and Risk Engine. By utilizing the four engines, it can be identified for users and assets easily, and creating of user behavioral timeline list, analytics by machine learning, and creating of risk report per user and per entity through profiling technology. Improvement of ROI can be realized.