Protect your business from cyber threats

1. What is Digital Risk Protection?

Digital Risk Protection (DRP) is a holistic approach to monitoring and identifying threats against your digital assets. It is the act of using technology, tools, and expertise to monitor data sources for threats to your or your organisation’s digital footprint.

We aim to help you understand your digital risks, providing you with a strategic advantage and situational awareness for better identification and anticipation against threats targeting your digital assets.

Because not every situation is one that can be protected or monitored against, DRP comprises multiple strategies and tools. DRP experts first need to understand: 

• Your unique situation,
• The digital assets that are most important to you, and
• If any existing or known risk is impacting your brand or reputation online.

DRP is about developing a strategy to protect what is most important to you. It is also about how that threat is handled in the event that it requires remediation or litigation.

2. Why do you need Digital Risk Protection?

Increased interconnection comes with countless benefits. It also comes with an increased risk of your online presence being used against you and your organisation.

As our lives become digitised, more professionals recognise the risks caused by online threats. Demand for DRP services has grown with the need for better visibility and help with remediation against threats targeting enterprises’ digital assets.

Digital Risk Protection is one of the fastest-growing trends relating to cyber security. It will become more pervasive as more of our activities are tied to the Internet. Such digitisation of our lives opens new doors for threats, attacks, and risk.

In many ways, DRP is no different than a car alarm, home security system, or identify theft technology. It protects what is most important to you.

3. Getting started with Digital Risk Protection and finding a DRP service that is right for you

Starting out with a DRP service can be very straightforward, depending on your situation and immediate (and long-term) goals. Involving DRP experts maximises both the efficiency of the process and the potential for protection.

The Internet is a large place, and Digital Risk Protection services vary widely. When choosing the right DRP solution for you, your first priority should be ensuring that it will protect what you are trying to protect. Next, focus on learning what happens after a threat is identified.

Digital Risk Protection is about more than having world-class technology with which to monitor threats. It requires a sound strategy that focuses on key data sources that can be filtered and scanned. Ultimately, the best way to find out whether DRP is right for you is to schedule a demonstration and to speak to Celcom DRP specialist.

Your digital profile is monitored and protected based on 3 pillars: Technology, People and Processes.

1. Technology - We combine proprietary technology with high technological value tools into a unique service that allows us to offer a very complete solution. See in question 5 all the modules that constitute the service.
2. People - A multidisciplinary team with comprehensive knowledge in threat detection, analysis, and response, based on the Client's environment and context, as well as their activity sector.
3. Processes – We leverage clearly defined processes developed from delivering insights to a wide range of companies in very different industries. The continuous evolution of all the elements of the service (processes, tools, sources, etc.) based on experience, feedback and market’s best practices and standards are a warranty of a top-level service.

4. What digital risks can be prevented?

We aim to monitor your digital assets and brand against any external threat that may harm your organisation. With DRP, you can be sure the following is being monitored closely:

1. Identify all Exposed Assets at risk of unauthorised access
2. Monitor for Data Leaks
3. Keep Risk and Threat Models updated
4. Secure Access to all Exposed Resources

5. What are the modules available in Digital Risk Protection?

Depending on your organisation’s requirements and needs, we offer a range of modular threat intelligence capabilities as below:

1. Activism
2. Breach of security controls
3. Carding
4. Counterfeit
5. Credential Theft
6. CVEs & security bulletins
7. Data Exposure
8. Digital Identity Monitoring
9. Hacktivism
10. Malware
11. Offensive Content
12. Phishing
13. Suspicious Domains
14. Suspicious Mobile Application
15. Unauthorised use of brand

6. What are the main use cases for Digital Risk Protection?

Identifying which DRP use cases to focus on depends on industry and size, and prioritisation can be complicated due to many threats overlapping one another. The most common use cases are as follow:

• Domain Monitoring
• Account Takeover Protection
• Brand Protection
• Data Exposure Protection
• Credentials Theft

7. What is the difference between Digital Risk Protection and Vulnerability Risk Management?

DRP and VRM have different targets. As we know, DRP monitors and protects your company´s brand, reputation and, more in general, your company’s digital footprint against targeted threats addressed to your organisation.

In a complementary way, VRM helps to deal with risks associated with the high number of vulnerabilities that overloads security teams nowadays. Thanks to a persistent monitoring approach, customers benefit from continuous visibility and a higher rate of vulnerability identification and remediation. Early detection and support in the prioritisation of high-risk vulnerabilities are capabilities that will save time and costs for you.

An aspect that both DRP and VRM share is that Celcom’s analysts are always supporting the service and making sure the results delivered to the customer provide relevant insights. Unlike other solutions in the market consisting of a platform, both VRM and DRP have the added value of our analysts.

8. How can DRP improve your cyber security posture?

Digital Risk Protection service defends your business, brand and reputation against the risks arising from digital transformation. It features a holistic approach that covers the open web as well as the deep and dark web, providing actionable threat intelligence to reduce successful attacks by reducing the attack surface and helping to detect potential security breaches and accelerate recovery.

9. What is the difference between Celcom’s DRP service and other solutions in the market?

Unlike many solutions in the market that are platforms, Celcom’s offering is a service. This means you can implement the solution and let it run and manage itself. Celcom’s top-level operations, together with Telefónica Tech's security team, will provide you with threat intelligence relevant to your business, eliminating false positives.

1. What is Celcom Vulnerability Risk Management (VRM)?

Celcom VRM is a service that helps your organisation deal with risks associated with the high number of vulnerabilities that overload the security team. It keeps your organisation ahead of cyber attacks improving their cyber security and resilience capabilities. Celcom VRM is combined with auto and manual vulnerability risk assessment of your organisation’s IT Assets to prepare your organisation’s cyber security defenses, address the cyber security compliance requirements and to be ahead of the continuous evolution of the attacks.

2. What are the key product features of Celcom Vulnerability Risk Management (VRM) services?

Celcom VRM goes beyond just scanning and fixing, as it can automate the discovery of assets across the internet cloud, deep and dark web, virtual and application development environments, as well as automate the prioritisation and remediation of these vulnerabilities as much as possible, through the following 4 steps.

1. Monitoring – Know your assets and reduce your IT shadow with unique active discovery of real attack techniques, and monitoring of IT Assets & Web Applications to obtain higher control of the assets
2. Analysis – Our expert team will identify, analyse and validate the discovered vulnerabilities
3. Mitigation - Risk prioritisation and vulnerability mitigation by our expert team
4. Resolution - Corrective measurement by our expert team

3. What is Penetration Testing?

Penetration testing or pen-testing is an approach for your organisation to emulate attacks and identify uncovered security loopholes. It aims to identify IT asset vulnerabilities and risks which may impact the confidentiality, integrity and availability of the data.

4. Why perform Penetration Testing?

A pen test is an ethical attack performed by internal or external resources to find security loopholes and fix them before attackers do. Most organisations appoint an external expert to perform regular pen-testing as a good security practice to ensure cyber controls are working properly.

Regular pen-testing can help your organisation:

• Determine and identify weaknesses in the systems, network, and applications regularly in order to fix them before an attack happens
• Ensure the controls and loopholes have been fixed accordingly and provide assurance to the senior management
• Discover software bugs before go-lives, and test them regularly to ensure the security and integrity of applications

5. Do I need to install the VRM or Pen-Testing software in my office network?

It all depends on where the IT assets are situated. For IT Assets located in an Intranet, a persistent VRM Agent is required on customer premises. IT Assets located in a DMZ or on the Internet do not require a persistent VRM Agent.

6. What are the benefits of Vulnerability Risk Management or Pen-Testing?

Vulnerability Risk Management provides the following benefits:

• Reduced Costs – You do not need to invest in additional hardware or software and associated maintenance costs.
• Persistent Approach – It provides you with persistent and continuous monitoring to identify vulnerability and early detection and proper management of security threats from the moment they are discovered, prioritising fast mitigation and minimising exposure.
• 24/7 Support – A highly qualified and certified technical team with extensive experience will help you verify each detected weakness to determine its severity and define the remediation plan, allowing you to focus your resources on a quick resolution.
• Identifies all Exposed Assets on the Internet.
• Customisation of User Profiles to restrict visibility and vulnerability management among business divisions/organisations within your corporation.
• Ensures Compliance – It addresses requirements of compliance, internal policies, and industry standards of avoiding issues of improper access to protected or regulated data
• Saves Time and Cost - Advanced early detection and support in prioritising vulnerability to reduce remediation time of high-risk vulnerabilities and protect your company’s reputation
• Avoid Third-Party Risks – Avoid attacks from third-party assets beyond your control

7. Does Celcom VRM provide fixes for the found vulnerabilities?

VRM services define the remediation plan of the vulnerabilities to mitigate the threats. Customers need to take action to fix the vulnerabilities. Customers may contact Celcom to discuss solutions needed to fix the vulnerabilities.

8. Do customers need to subscribe to all VRM modules?

Customers can choose to start any service such as Persistent VRM for Vulnerability Alerts, or Vulnerability Analysis, or Web Application Scanning, or Manual Pen-Testing.

9. What are the pen-testing methods offered by Celcom VRM?

Celcom VRM offer both automated and Manual Pen-Test. Both manual and automated or persistent vulnerability scans are useful tools for managing vulnerabilities and complementary to each other, and both should be performed.

Persistent Vulnerability Risk Management provides a holistic solution that integrates different products and security tools, standing out against traditional security services by offering end-to-end vulnerability management through an Online Portal that allows monitoring of a vulnerability from detection until resolution.

Persistent Pen-testing automatically and continuously (24/7) implement the phases that attackers use to compromise the security of a company’s information systems together with a qualified security team that validates the results obtained by the platform, the vulnerabilities detected and the recommendations given.

The Manual Pen-testing services provide clear and concise guidance on how to protect the End Customer’s information systems and information against real-world attacks. A key factor in the success of Pen-testing is the methodology based on the behaviour of real attackers with a systematic and scientific approach to successfully document a test and create reports on different levels of an organisation’s management. The approach of this Manual Pen-testing module is based on the implementation of techniques and phases to simulate actions and methodologies used by real attackers.

10. Is Pen-testing disruptive to our environment?

Pen-testing should be planned properly and comprehensively between the service provider and customers to identify potential risks for disruption and adjust the approach accordingly. The pen-testing planning should be scheduled in advance in order to ensure adequate time for communication with relevant stakeholders and monitoring throughout the pen-testing schedule.

11. How often should pen tests be conducted?

Pen-testing varies depending on environment size and applications. In most cases, the company performs pen tests quarterly or annually, depending on the budget and how often changes in the infrastructure are made. Celcom VRM offers both manual or automated scheduled vulnerability risk management. Depending on the customer’s schedule, Celcom VRM can be performed as frequently as daily or weekly.

12. Should the customers conduct their own pen-testing?

It depends on your organisations structure and resources. If you are thinking of performing your own in-house pen-testing, you should consider following criteria: 

• The pen-tester should have relevant experience and training in the technologies
• Different reporting structure between Pen-test team and software development, business application or IT Infrastructure team
• Audit or regulatory department in organisation should be independent from Pen-test and IT team. The audit team should oversee and ensure independence between pen-test team and IT infrastructure or business application team
• Ensure the pen-test team continues to train and stay updated on newly discovered vulnerabilities and threats, pen-test methodologies and tools

13. How much time is needed for VRM testing?

VRM is an automated vulnerability test. Once the service is set up, the vulnerability assessment will be planned and scheduled as agreed with the customer. It will take approximately 3 weeks for initial configuration and provisioning of VRM. The customer can expect a visualisation of the results from the firsts scans in the portal.

14. Should your organisation fix all the vulnerabilities that are reported?

Celcom VRM will prioritise the threats for the organisation to take immediate action for the fixes based on the risks. Together with the vulnerability detected, Celcom will provide recommendations on remediation. However, the customer is responsible for deciding what actions to take in order to solve it. Celcom VRM will continue monitoring the vulnerabilities until it is fixed.

15. What is the difference between Celcom’s VRM service and other solutions in the market?

Unlike many solutions in the market that are platforms, Celcom’s offering is a service. This means you can implement the solution and let it run and manage itself. Celcom’s top-level operations will analyse the results from the tests and present to the customer only what really is a vulnerability, eliminating false positives.

16. How is the service provided to the customer?

The Service Portal is an integral part of our value proposition, being a communication interface between the Customer and the Service itself. All discovered assets and vulnerabilities detected (occurrences) by the automatic analysis tools in the security tests are registered in the Service Portal for their homogeneous management and subsequent follow-up.

1. Celcom Cyber Threat solutions consist of multiple modules offered on a subscription basis to meet the needs and requirements of a business.
2. Customers who subscribe to the services shall enjoy the scope of service offered under the Package as stated in the Service Agreement Form (hereinafter referred to as “SAF”).
3. Celcom reserves the right to change the prices at any time during the contract tenure.
4. Contract tenures for all packages will be for a period of 12 months.
5. Invoices are issued monthly or annually.
6. The prices for Celcom Cyber Threat solutions are based on the modular subscription and the scope of services stated in the SAF.
7. The Package Value (hereinafter referred to as “PV”) shall be charged based on a full calendar month.
8. In the event of early termination, there is no refund if the payment has been made and the Customer shall be subjected to a Termination Fee based on the remaining months of the contract tenure.
9. The minimum subscription period for Celcom Cyber Threat solutions is 12 months from the date of activation of the service of the Package (herein defined as “Period of Agreement”). Celcom shall impose an early termination fee for the remaining months out of the Period of Agreement (herein defined as “Termination Fee”).
10. Should there be any payment default, the service will be suspended by Celcom and reconnection will happen only after all outstanding payments are cleared. Subscription of the package shall be fully terminated upon failure to settle the outstanding payment(s) after 3 months.
11. The prices will be subject to a 6% Sales & Service Tax (SST) subscribed by the Customer.
12. Either Party may at any time terminate the subscription to Celcom Cyber Threat solutions by giving the other Party 30 days prior written notice. Celcom shall not be liable for any compensation and damages towards the Customer in the event Celcom exercises its right to terminate for convenience. However, termination by the Customer prior to the expiry of the Period of Agreement will always be subjected to a Termination Fee as prescribed herein.
13. The Customer agrees that Celcom’s entire liability in contract, tort (including negligence or breach of statutory duty) or otherwise to the Customer (except for death or personal injury caused by Celcom’s negligence) under this Agreement shall not at any time exceed the sum specified in the SAF (“Limit of Liability”).
14. Celcom will not be responsible or liable for any claims by the Customer or any third party arising from the act, omission or negligence by the Customer or by the Service Provider.