Creative Networks

Managed Breach Detection Service

Our Managed Breach Detection service surveys networks and endpoints for unauthorised access or suspicious activity, utilising advanced technology and expert analysis. With real-time threat intelligence and proactive measures, we promptly detect and respond to security breaches, minimising their impact on our clients' operations and data.

Features

• Continuous monitoring for suspicious activity on networks and endpoints.
• Integration of advanced threat intelligence for real-time detection.
• Expert analysis by skilled security professionals.
• Proactive threat hunting for emerging risk identification.
• Swift incident response to mitigate breaches promptly.
• Customised alerts for timely action on security threats.
• Anomaly detection for identifying unusual behavioural patterns.
• Comprehensive security assessments and vulnerability scanning.
• Seamless integration with existing security infrastructure.
• Regular updates and threat briefings to stay informed.

Benefits

• Minimises downtime and disruption during security incidents effectively.
• Enhances proactive risk mitigation with improved threat detection.
• Continuous monitoring improves overall security posture significantly.
• Swift response protocols reduce impact of data breaches considerably.
• Expert-led detection and response ensure peace of mind.
• Customised alerts optimise resource allocation efficiently.
• Regular updates increase awareness of emerging threats effectively.
• Comprehensive assessments boost regulatory compliance adherence effectively.
• Anomaly detection strengthens resilience against cyber attacks effectively.
• Seamless integration saves time and resources efficiently.

£100.00 a unit a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aj@creative-n.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

102712352171032

Contact

Azeem Javed
03303337337
aj@creative-n.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Our Managed Breach Detection service complements endpoint security, network security, cloud security, SIEM, and IAM solutions. It enhances threat detection and incident response capabilities, ensuring comprehensive cybersecurity protection across various software services.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: While our Managed Breach Detection service offers robust security monitoring, buyers should consider compatibility with existing systems, data sensitivity, and potential maintenance windows. Resource limits may apply, and integrating with other systems could be complex. Reviewing service level agreements is crucial for understanding support and uptime guarantees.
• System requirements:
  • Stable internet connection for continuous monitoring.
  • Compatible with Windows, Linux, macOS, and more.
  • Lightweight endpoint agents for monitoring.
  • Integration with existing security tools for enhanced detection.
  • Administrative permissions for deployment and management.
  • Adequate hardware resources for optimal performance.
  • Compliance with licensing agreements for third-party software.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support response times - 08:30 - 18:00 Weekdays, excluding Bank Holidays. Out of hours support available where necessary. 30 minutes to 8 hour response dependent on priority call, P1 - 30 mins, P2 - 1 hour, P3 - 4 hours, and P4 - 8 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: We have not conducted any testing of web chat accessibility with users employing assistive technology.
• Onsite support: Onsite support
• Support levels: End-user training can be provided at an ad hoc cost. We provide a UK based Service Desk for support. Out of hours support is available. Our helpdesk is made up of 1st, 2nd and 3rd Line technical expertise. A Technical Account Manager will be assigned as standard as a part of our standard and premium IT Support, see our pricing schedule and SFIA Rate Card for details.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We assist users in adopting the service through a variety of resources tailored to their needs. Our user documentation offers step-by-step guides, FAQs, and troubleshooting tips for independent learning. Additionally, we provide interactive online training sessions and webinars led by experienced instructors to guide users through setup and configuration processes effectively. For those preferring personalised assistance, optional onsite training sessions can be arranged to address specific organisational requirements. Our dedicated technical support team is readily available to assist users with any inquiries or challenges they may encounter, offering prompt resolution via email, phone, or online chat. With these resources and support channels in place, we aim to ensure a smooth onboarding experience and empower users to harness the full capabilities of the service for their communication needs.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Exported upon request. Contact the Support Helpdesk or Technical Account Manager.
• End-of-contract process: At the end of the contract services will continue on a rolling 30 day agreement until either party serves notice. If it is decided the client will exit, Creative Networks will assist in transitioning and migration of services ensuring continuity and a smooth handover. We will, where applicable deliver an Exit Plan which sets out the proposed methodology for achieving an orderly transition of Services on the expiry or termination of the contract. The Exit Plan will contain at minimum: Separate mechanisms for dealing with Ordinary Exit and Emergency Exit. The management structure to be employed during both transfer and cessation of the services and a detailed description of both the transfer and cessation processes, including a timetable. Document how the Services will transfer including details of the processes, documentation, data transfer, systems migration, security and the segregation of technology components. Specify the scope of the Termination Services that may be required and any charges that would be payable for the provision of such Termination Services and detail how such services would be provided. Provide a timetable and identify critical issues and set out the management structure to be put in place and employed during the Termination Assistance Period.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Both mobile and desktop versions offer core functionality but differ in user interface, feature availability, and performance optimisations. Mobile interfaces are tailored for smaller screens and touch interaction, while desktop versions may have more advanced features and offline capabilities. Notifications are optimised for each platform, with mobile relying more on push notifications. Performance varies based on hardware and connectivity, with desktop versions potentially offering better performance for certain tasks. Overall, both versions aim to provide effective security monitoring and incident response, with adjustments made to accommodate the unique characteristics of mobile and desktop platforms.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: ESET's Protect MDR service interface is a user-friendly web-based dashboard providing real-time insights into security metrics, alerts, and incidents. Users can efficiently manage security incidents, customise reports, configure settings, and collaborate with team members. The interface offers comprehensive tools for proactive threat detection, incident response, and security posture management.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Creative Networks have not conducted any interface testing with users of assistive technology.
• API: Yes
• What users can and can't do using the API: Through our API, users can automate service setup, configure settings, retrieve data, and perform operational tasks. They can set up the service, make configuration changes, and integrate with other systems. However, there may be limitations on sensitive operations and rate limits on API requests. While the API offers extensive capabilities, users should be aware of any restrictions and adhere to usage policies.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can customise our service extensively. This customisation encompasses various aspects:; ; Security Policies: Users can define and adjust security policies to establish rules and configurations for threat detection, access control, and data protection.; Alert Settings: Customisation of alert settings allows users to set thresholds, priorities, and notification preferences for security alerts, ensuring timely and relevant notifications.; Integration: Users can configure integrations with other systems or tools by setting up APIs, webhooks, or data connectors to enable seamless data exchange and workflow automation.; Reporting: Customisation of reports and dashboards empowers users to tailor metrics, visualisations, and data filters according to their monitoring and compliance requirements, facilitating informed decision-making.; Workflow Automation: Users can define rules, triggers, and actions for workflow automation, streamlining incident response, threat remediation, and compliance tasks to improve operational efficiency.; User Access Controls: Customisation of user access controls involves defining roles, permissions, and access levels to ensure appropriate access to service features and data, maintaining security and compliance.; Users typically perform customisation tasks through the service interface or API, utilising configuration settings, templates, and scripts provided by the service provider. Administrators or users with appropriate permissions can execute customisation tasks, adhering to the organisation's access control policies.

Scaling

• Independence of resources: ESET ensures users are unaffected by demand through scalable infrastructure, resource allocation, load balancing, proactive monitoring, and adherence to SLAs. These measures maintain consistent performance, even during peak usage, providing users with reliable service.

Analytics

• Service usage metrics: Yes
• Metrics types: ESET typically provides service usage metrics, including usage statistics, performance metrics, user activity tracking, compliance metrics, and customised reporting options. These metrics offer insights into service utilisation, performance, user behaviour, compliance adherence, and key performance indicators, empowering customers to assess service effectiveness, optimise resource allocation, and make informed decisions to enhance security posture and operational efficiency.
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Eset

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users export data from our service through built-in export functionality, API access for programmatically retrieving data, and scheduled reports. They can select specific datasets and export them in common formats like CSV or Excel. Integration with third-party tools enables seamless data export and analysis across multiple systems. This flexibility allows users to analyse, share, and utilise their data effectively for monitoring, reporting, and decision-making purposes.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: ESET typically guarantees a high level of availability for their Protect MDR service through SLAs, ensuring uptime and timely support. If service levels are not met, users may be eligible for compensation or refunds, subject to the terms outlined in the SLAs. Specifics, such as uptime percentages and response times, vary based on subscription plans and agreements. Users should review SLAs carefully to understand their entitlements in the event of service disruptions.
• Approach to resilience: The service is resilient due to redundancy, fault tolerance, scalability, data backup, security measures, and geographic redundancy. Redundant components minimise downtime, while fault tolerance ensures automatic recovery from failures. Scalability handles increased demand, and robust data backup and recovery mechanisms safeguard against data loss. Strong security measures protect against cyber threats. Geographic redundancy across multiple locations mitigates the impact of regional disasters. Together, these features create a resilient architecture that ensures uninterrupted service delivery and reliability for users, even in the face of challenges.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Supplier defined controls. Access to management interfaces is restricted to designated users and controlled with user name and password protection.
• Access restriction testing frequency: Less than once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: UKAS
• ISO/IEC 27001 accreditation date: 24/10/2022
• What the ISO/IEC 27001 doesn’t cover: Areas not covered by ISO/IEC 27001 certification include specific business processes unrelated to information security, certain third-party services or suppliers, or compliance with other industry-specific regulations.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Organisations adhering to ISO 27001 establish robust information security practices. They develop policies aligned with ISO 27001 requirements, covering areas like access control, data protection, and incident response. Through risk assessments, they identify and prioritise security risks, implementing controls to mitigate them. Employees receive training on security policies and procedures to enhance awareness and compliance. Monitoring and review processes ensure the effectiveness of security controls, with regular audits and assessments conducted. A designated individual or team oversees the implementation and maintenance of the Information Security Management System (ISMS), reporting to senior management or the board. To ensure policy adherence, organisations employ various mechanisms such as audits, reviews, and ongoing monitoring. Non-compliance issues prompt corrective actions and improvements to the ISMS. By following these practices, organisations demonstrate their commitment to information security and continuously strive to enhance their security posture in line with ISO 27001 standards.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Creative Network's have in place a Change Management Process that follows the ISO 20000 Standard. A change is proposed with the Change Manager and then added to the Changes-overview. The change is scheduled to be executed and a roll back plan is created (if necessary). Rollback is actioned immediately upon confirmation as per following the rollback matrix, resources are freed and announcements are published. Periodically, the overview of archived changes is checked.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Creative Network's have a Vulnerability Management process that implements the following: Receives information about zero day threats from the National Cyber Security Center; Subscribe to newsletters from vendors and used products, in contact with special interest groups; Technical vulnerabilities are handled either using the Incident management process or the Change management process; Patches are tested following the Installation of software on operational systems.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: All devices have a monitoring agent on them which can identify potential issues and report back to our service desk. If an issue is identified we have an internal 4 hour SLA to ensure remedial actions are carried asap, the seriousness of an incident will be assessed on discovery so that any priority issues can be responded to quickly. We have multiple alert systems in place and monitor them constantly. We exclusively use Linux for phone system hosting. We automatically patch daily as and when required.
• Incident management type: Supplier-defined controls
• Incident management approach: Fully developed Business Continuity and Disaster Recovery management process developed in line with ISO 22301. Creative Network's have a pre-defined Incident Management Process in place where by an incident is reported with the Incident Manager and then added to the Incidents-overview. After which, relevant log files (from all systems affected) and evidence is gathered. The incident is corrected by implementing a patch, temporary fix or workaround. It is determine whether future occurrences of the incident can be prevented, e.g. by modifying/strengthening one or more controls. Periodically, the overview of archived incidents is checked for apparent trends and effectivity of corrections.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Tackling economic inequality

  By mitigating the financial and reputational impacts of cyber attacks, we support economic stability and resilience, particularly for small and medium-sized enterprises (SMEs).

  Equal opportunity

  Our service also fosters equal opportunity by providing affordable and accessible cybersecurity solutions to businesses of all sizes, levelling the playing field and enabling equal access to digital protection.

  Wellbeing

  Our Managed Breach Detection service significantly enhances societal wellbeing by protecting businesses and individuals from cyber threats. By ensuring data security and integrity, we promote a safer online environment, reducing stress and anxiety associated with potential breaches.

Pricing

• Price: £100.00 a unit a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aj@creative-n.com. Tell them what format you need. It will help if you say what assistive technology you use.