Industries & Sectors
Bringing national security and military-grade cyber security to any organisation is core to the Perception mission. Part of this mission is making sure the system is as flexible as possible to the changing needs of different industries, as well as fully understanding what drives the users in those industries.
Since 2013, the Perception team has constantly worked with users in new deployments to understand what drives them, and has allowed them to benefit from a more secure approach to the network security problem. During this process, Perception has proved itself over and over again as a flexible product that can benefit any user in any industry, and make their network significantly more secure.
Chemring’s core market, the defence sector, cannot afford to fail. Building mission critical systems that are relied upon in life and death situations allows absolutely no room for failure. Alongside this, there’s an added impetus on protection of intellectual property, as businesses in the defence sector often are in possession of secret-level technology that cannot be communicated to potentially hostile powers. With the growing threat of cyber- espionage, the tools these organisations use must keep pace with the threats they face, and they are often facing the most advanced state- sponsored cyber attackers in the world.
Perception’s defence heritage helps the system flourish in this sort of environment. From adding extra protection to critical information, to actively discovering potential network weaknesses before they are exploited, Perception has been designed from its inception to work in the way defence organisations need to work.
Defence organisations, regardless of size, require a greater level of network protection, and an added layer of critical insight that only proactive tools such as Perception can deliver. Proactively hunting vulnerabilities, weaknesses, and threats in this environment isn’t just advised, it’s required.
National security agencies around the world are faced with the daunting task of keeping an entire population of citizens safe. The security of their network infrastructure is therefore a huge responsibility for these agencies, as they face threats from terrorism, crime or state and industrial espionage. Many national security agencies are also responsible for making sure the networks within their territory remain secure, and in order to lead by example, they must have safe networks themselves.
Guardia Civil are responsible for issues of national security in Spain, and as such they have a requirement to keep their networks protected. The institution is highly valued by Spaniards, more than any other law enforcement agencies and the military in Spain, and the reputational damage they could suffer as a result of a breach is unacceptable.
As a result of this threat landscape, Guardia Civil deployed Perception to protect its critical network assets from cyber- attacks, as well identify malicious insiders or other vulnerabilities within the network. The deployment followed a successful product evaluation via Perception’s Spanish partner Eleycon21.
Critical National Infrastructure
Critical national infrastructure (CNI) will always remain a high-threat target for cyber-attacks, however, it is also a difficult challenge for operators to secure them due to the scale and variety of organisations that constitute CNI. One of the greatest challenges faced by CNI in securing their networks is the shortage in specialist skills and deep technical expertise. This issue is often compounded by the sometimes-misunderstood implications of connecting often bespoke or legacy CNI systems to the internet.
The threat to CNI does not always lie with specifically designed targeted attacks such as allegedly state-sponsored attacks that targeted UK energy, communication, and media networks. It also includes a risk from less complex and targeted actions, for example, the WannaCry attack in May 2017 did not deliberately target the British National Health Service. Nevertheless, it demonstrated the potential consequences of a successful attack on the UK’s CNI.
In order to solve these issues, CNI must focus on two areas, increasing the efficiency of a severely restricted skills base, and pro-actively searching for network weaknesses before they are exploited.
Perception has been deployed in CNI sites in a way that solves both these issues. Perception’s correlational analysis engine, ForensicAI, is specifically designed to increase the efficiency of human analysts working on securing a network. Furthermore, no Perception customers were affected by the WannaCry attacks in May 2017, this was due to the vulnerabilities that were exploited by the malware being secured long before those attacks ever took place.
Facilities management (FM) businesses that provide IT systems are now expected to provide a level of security along with that infrastructure. As part of the growing deployment of IoT devices, smart control systems and digital management systems, the ability to secure that infrastructure is also becoming more and more difficult. The impact of a breach of an FM business could be catastrophic for them, as they effectively put their reputation on the line with each new deployment of infrastructure.
With the high level of risk, and the increasing level of deploying secure systems, it’s imperative that FM businesses ensure their cyber protection is sufficient when they deploy new systems, and as their existing deployments evolve.
Serco faced this exact problem when they decided to deploy Perception in 2015. With a massive network of customer infrastructure spanning the UK, USA, Middle East, and Australia, the scale of their problem was massive. As a business that insists on the best IT systems for their customers, the increase in IoT devices, and changing connected devices, they required a system that allowed them to proactively secure networks, and wasn’t hampered by a rigid, rules-based, system. This is what Perception has afforded them, and it continues to be trusted across the globe in one of the world’s most security conscious organisations.
Manufacturing is a significant target for cyber criminals. Whilst the threat of sensitive-data theft remains a high risk, disruption to operations as a result of a cyber incident can greatly affect the profitability of a manufacturing business. These threats aren’t likely to go away any time soon, either, as network threats will only become more of a concern with increasing digitisation of manufacturing equipment.
One of the specific difficulties of the manufacturing industry is that throughout the supply chain the capacity for network protection varies massively. The ability to comprehensively secure systems is often seen as reserved for large businesses that can afford advanced consultancy and bespoke systems, allowing weaknesses to proliferate in broad parts of the supply chain.
Amari Metals is a well-established name in the international trade of metal products and has been for thirty years; as a result, they are renowned for reliability amongst their growing customer base. This reputation could not be placed at risk as a result of a cyber-attack, so they realised they needed a better approach to defeating their cyber risks.
By implementing Perception, Amari are able to proactively approach network protection by identifying risks and vulnerabilities before they are exploited. They are also able to monitor those risks as they are being resolved, as well as detecting zero-day threats if they breach their traditional perimeter systems. As Amari’s network changes and evolves they will also be able to understand the changing threats to their network using Perception, maintaining a better level of security for the future.
Like all businesses, law firms are increasingly reliant on technology and are at risk from a growing range of cyber threats. The impact of these threats could mean temporary inability to function, having funds stolen, or being culpable for a data breach. With the absolute trust clients put into law firms, these outcomes could be devastating, both reputationally and financially.
In a post-GDPR landscape, and as the sector adopts more IT systems to function more efficiently, it is vital that law firms adopt an effective approach to the cyber risk.
In partnership with Net Consulting, an IT services company offering Specialised Consultancy and Managed Services for the Public and Private sectors, Perception was deployed into Capital Law’s network. Despite its large size, Capital Law, like most law firms, has a relatively small internal IT team, preferring to stay flexible and invest in reliable third parties and cutting-edge investments.
Net Consulting were approached by Capital Law when they were looking for skilled and professional IT services, and the initial deployment of Perception into Capital Law showed that while the perimeter security was strong, the visibility of insider threats and network vulnerabilities could be improved. With Net Consulting managing Perception on Capital Law’s behalf, the firm is protected from new and existing threats; allowing the Capital law team to get on with their day job while feeling confident that someone’s watching their back. They now know that we have full visibility of everything that’s going on in their network, and there aren’t many businesses who can say that.