Is a fundamental pillar in the technological development of this century
We cannot understand the phenomenon of digitalization and digital transformation without linking it to the evolution of cybersecurity in all its breadth. In addition, governments have made this issue one of the areas of greatest legislative development.
In a context of risks and the growth of cyber-incidents, in terms of volume and impact, managed cybersecurity services are a basic element in the sustainable management of enterprises. These services can be provided from specialized centers CERT (Computer Emergency Response Team), CSIRT (Computer Security Incident Response Team) or in its more generic name SOC (Security Operation Center).
We have S2 Grupo CERT, S2 Grupo's Cyber Security Operations Center. Created in 2007, it is one of the most modern SOCs and has not stopped evolving in its service catalogue, the technology it uses, the work methodologies and the training of a team that supports its operational processes 24x7, 365 days a year.
S2 Grupo CERT is an operations center which provides service in both the IT and OT fields, and we attend to clients of all types anywhere in the world. We have 4 operational centers in Valencia, Madrid, Bogotá and Mexico City from which we provide, in a syndicated manner, continuous protection, detection and response services in cyber security.
The main Operations Center
Located in Valencia, it has a physical infrastructure of more than 2,000 m2 with restricted access spaces for handling sensitive information, IT and OT cyber security laboratories, its own Data Processing Centre, crisis room, training center specialized in cyber security with a capacity for 50 people, 24x7 operations service room, restricted access area (ZAR) for handling classified information, machine room with Generator Set that guarantees the continuity of the electricity supply, physical access control measures and a long etcetera. The Madrid Operations Center functions as the main backup for the Valencia center.
We have more than 300 people working in the CERT, specialists in different areas of IT and OT cyber security with multiple technical and management certifications. The Operations Center team maintains its technological vitality by participating in the management of complex incidents, joining prestigious international events as speakers and attendees and working on cutting-edge R&D+I projects.
In addition to the personnel distributed in the 4 centers of the S2 Grupo CERT, we also add Distributed Operational Groups (DOG) who go to the homes of the clients who need them. These DOGs work directly on the client's infrastructure and use the entire CERT technological platform as support.
The services of the S2 Grupo CERT
The S2 Grupo Cybersecurity Operations Center has a complete catalogue of services with which we cover all the needs of an organization in terms of cybersecurity:
Our catalogue of services is based on the Enterprise Mitigations of MITRE ATT&CK and on the services derived from the application of the National Security Scheme and the STIC Guidelines of the CCN-CERT. We classify incidents according to the STIC 817 Guide for the management of cyber-incidents.
At S2 Grupo CERT we use both our own technology which we have developed and that of third parties when the service requires it. Having our own technology allows us to make flexible, fast and competitive proposals in the deployment of managed security services, also with very fast tactical field deployments for temporary operations (elections, incidents and all types of events).
The operation of the S2 Grupo CERT
S2 Grupo CERT maintains relations with a multitude of national and international cybersecurity centers through FIRST, GÉANT and CSIRT.es, in which it is a very active member. The relationship with the State Security Forces and Corps and with the National Intelligence Center (CNI) is also very close.
We have a complete Unified Management Model and certified with standards such as ISO 27001, ISO 20000, ENS HIGH category, ISO 9000, ISO 14001 and the UNE 166002 standard specialized in Research, Development and Innovation. The deployment of the processes defined in the Management System in the syndicated center guarantees compliance with quality and security standards in the operation of the Service Center.
Prevention, detection, support and assistance against ransomware
Ransomware attacks are one of the most damaging incidents for organizations: they exploit software vulnerability, infect the operating system, and can take charge. To prevent this, we offer ransomware attack prevention, simulation, detection, response, containment, support and assistance services, which allows us to minimize their impact and be better prepared.