Meeting Cyber Security compliance requirements as well as thwarting any internal and external cyber threats can be challenging for many organisations. Ever increasing cyber threats are pushing organisations to balance their resourcing against this threat whilst maintaining normal business operations. This scenario played out recently when Quorum partnered with The New South Wales Office of the Director of Public Prosecutions (ODPP) to deliver a trial of our Cyber One product, a managed security offer that identifies and stops threats before they can cause harm.
The New South Wales Office of the Director of Public Prosecutions (ODPP) is an independent prosecuting service and government within the portfolio of the Attorney General of New South Wales. The ODPP has set very high standards of security for its operations, which are necessary to cater for the nature of the work that it conducts. Additionally, as a state government agency it is required to align with the broader New South Wales Government Cyber Security Strategy. To ensure that the ODPP not only meets but exceeds its security benchmarks, it engaged Quorum on a trial of Cyber One (Managed Detection and Response Service) to help it move the bar higher for its security posture.
With a strong, though lean internal IT team, the importance of bringing a specialist partner in was of particular importance to ODPP. Leader Shrestha, Manager of ICT Infrastructure at the ODPP remarked that “Because we are a small team and there is a very high focus on the broader security piece across the agencies, security is a high priority for everyone. We understand the need for that, but we are a small team, so we needed a bit of help with this.”
As a member of the Microsoft Intelligent Security Association and a founding member of the Cloud Collective (a strategic alliance of four leading Microsoft Gold partners), Quorum’s Managed Detection and Response Service Cyber One launched in 2020 to provide support to organisations with a strong Microsoft security strategy but do not currently have the resources to respond to advanced and emerging threats. “Cyber One is designed to help organisations of all sizes to aggregate, monitor and respond to key security signalling available within Microsoft 365, Azure and beyond,” says Mark McLean, Managing Director at Quorum.
The ODPP benefits from a strong compliance governing culture as a government agency, Shrestha noted that being able to work collaboratively on the project meant that ODPP could extract the most value from Cyber One’s key insights. “From the very beginning ODPP has had a closed service and a high-level of cyber security compliance that has helped protect us from any external threat. Our security posture was already pretty good, so that wasn’t the priority for the pilot program. But saying that doesn’t mean we are immune from everything, and through Cyber One we found things that we could improve, identified gaps, and start mitigations.”
Cyber One delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. This capability enabled the ODPP team to obtain a multi-dimensional view of cybersecurity across the enterprise, through CyberOne’s data insights, monitoring visualisations which improved prioritisation of mitigation strategies. “We have a weekly operational meeting and reporting which is very good, where we identify issues and problems… so while the list of remediations is being identified and growing we can prioritise and see what we want to address first.”
Although, ODPP already possessed a strong security posture, Cyber One was able to add additional value as it leverages decades of Microsoft Security experience. For ODPP who already use Microsoft Defender products, it has allowed them to readily advance their roadmap. “With 24/7 security monitoring that provides us with the dashboards, analysis and protecting our environment. Our plan is to continue with Defender and Windows 365 and expand that in the future” Shrestha explains.
The value of Cyber One has played in assisting their strategic security roadmap can be identified through the Cyber One package offering and the impact it has on internal resources. As Shrestha noted, “At the end of the day, we are buying a managed service, and the success of that comes down to three things: your performance, timely addressing issues, and our confidence with your support. That relationship with Quorum is good and our team is happy.”