At the National Information Solutions Cooperative (NISC) Member Information Conference (MIC) on Wednesday, we were delighted to join Jeff Nelson, NISC’s Vice President of Information Security and Risk Management, to help announce their new offering: NISC CyberDetect. Building on our existing relationship with NISC (they offer vulnerability management services powered by Nexpose), NISC will now also provide Managed Detection and Response (MDR) services to its member base, powered by the Rapid7 Insight platform and Rapid7 Security Operation Centers (SOCs.)
NISC, a Rapid7 customer, provides technology solutions for its members who are companies in the utilities and telecommunications space. NISC has a deep understanding of the unique challenges its member organizations face and know the threats against these types of organizations are growing. According to the DBIR, for the Information industries including telecommunication, 97% of threat actors are external, many due to compromised credentials. In many cases these organizations are small, and they trust NISC to provide recommendations and services that fit their needs. Gartner highlights MDR as a “sweet spot” for smaller organizations as they figure out their detection and response investment strategy.
Rapid7 MDR, with InsightIDR and the Insight platform at its core, provides 24/7 detection and response services for organizations. Based in the Rapid7 SOCs, the MDR service team utilizes user behavior analytics, attacker behavior analytics, threat hunting, and threat intelligence to detect and respond in customer environments. The experienced team has seen and responded to thousands of breaches and threats, and has experience working with customers across many industries.
Our managed services, threat intelligence and research teams drive primary threat intelligence from a number of sources including incident response, Internet-wide scanning (Project Sonar), and our global honeypot network (Project Heisenberg). Additionally, Rapid7 develops Metasploit, the most widely-used penetration testing software in the world, which gives us an unparallelled understanding of the attacker mindset.
What does this look like in action? A recent example we were able to share publicly was when our threat intelligence team discovered that local radio station broadcasts were being hijacked. We leveraged our Sonar research and the intelligence it provided to quickly determine potentially vulnerable radio stations. We reached out to any customers in radio or television to let them know about the vulnerability, and provide details of the hijacking and recommendations on how to mitigate the vulnerability. We then shared our threat intelligence with a broadcasting industry association to ensure that non-Rapid7 customers were notified and educated too.
We are excited to work more closely with NISC’s members so that we can help more organizations make sense of the potentially millions of data points relevant to detection and response and help organizations take action. Many teams are overwhelmed when thinking about building a detection and response program—from finding and retaining talent to technology to process. We want to address those concerns so that companies can instead focus on doing what they do best. Our teams are constantly looking for industry trends so that we provide managed services, backed by the power of extensive research and a deep understanding of the threat landscape.
To learn more about Rapid7 MDR, please visit: https://www.rapid7.com/services/detection-and-response-services/managed-detection-and-response-services/
To read our quarterly threat reports, please visit: https://www.rapid7.com/info/threat-report/