X
NEXT
Forgot password?

DigitalXRAID

How DigitalXRAID is supporting Santa Claus with a fully managed SOC

DigitalXRAID is very proud to share that, following a ‘widely reported’ breach and large scale digital transformation programme at the world’s biggest seasonal logistics and global delivery provider, we’ve been selected as the provider of choice to supply the big man in red, known globally as Santa Claus, with a fully managed Security Operations Centre (SOC). As a business that has operationally remained very traditional for several decades, you wouldn’t believe the technological advancements that have been put in place – we couldn’t make it up! As technology enters the mix, the elf workshop will need to adopt a security culture to ensure the efficiency of its operations. 

Santa had identified that he had a severe lack of in-house experience when it came to cyber security, with an elf recently promoted to CISO. He was no longer able to dress it up any other way! They needed a managed security service provider to support them with specialist expertise. DigitalXRAID’s SOC team will now be supplying advanced threat detection and response to monitor Santa’s cyber security 24/7, making every day of the year feel like the most wonderful time.  

As a business with round-the-clock operations, especially at seasonal peak times, Santa wanted a provider who would also be continuously monitoring violations and threats. Utilising Intrusion Detection and Prevention Systems, DigitalXRAID will be shiny nosing around to keep hackers at bay – always on the lookout for new threats as cyber criminals become more fantastical in their attempts to gain access. SIEM & (Yule) Log Management will also be used as part of the 24/7 cyber threat protection service, monitoring infrastructure, systems, network and web applications for potential security breaches. 

One major part of the overall modernisation concentrated on Santa’s Naughty or Nice list. In the past, a vast amount of man power – elf power – had been employed to make the list… and check it twice. But just as other businesses have over the last 12-18 months, Santa has deployed cloud technology for more flexibility on data storage and accessibility. AI software now performs the checks in record time and blockchain technology is in place to verify validity.  

Santa was most concerned that if this list was accessed again by cyber criminals, the ramifications would be No No No for his organisation. The default security which the cloud provider included wasn’t sufficient to ensure complete protection of Santa’s sensitive data. DigitalXRAID performed checks to ensure that the cloud service had been correctly configured for both functionality and security, making sure there were no vulnerabilities. Our specialist SOC team will be using sophisticated monitoring techniques to ensure that all potential threats and weaknesses are identified, and countermeasures are in flight on an ongoing basis. Endpoint Detection and Response will also monitor threats as Santa makes his journey around the world delivering presents, protecting as he accesses the naughty and nice list and global address book from the sleigh.  

Santa’s little helpers, not the technology, are the weakest link in his security chain without an effective adoption of security culture in the workshop. As readers (and reindeers) will be aware, significant areas of the North Pole, protected by Norway, are recognised as forming part of the European Economic Area, so GDPR regulations will apply to naughty and nice data profiling processes, as well as the storage of personal data from every child across the globe. With data traditionally being acquired from completely fly-by-night sources: Stressed out parents, general monitoring of social media, and, most unreliable of all, the children themselves through the process of hand-written notes placed on fireplaces the world over, Santa has tasked DigitalXRAID consultants to design an effective Information Security Management System (ISMS) to improve data management processes in the organisation. We will be working with a UKAS accredited body to validate internal documentation – under strict NDA – and processes, in order for him to achieve IS… Ho Ho Ho 27001 certification.  

In the next exciting stages of Santa’s cyber security journey, DigitalXRAID will be conducting cyber awareness training with the elves, including conducting the HarpoonX Managed Phishing Service. During our initial security audit we discovered that Santa’s email had been published on the dark web and an extremely high volume of emails – mostly parents reporting bad behaviour and regular child tantrums – was received daily, with increasing volumes in December. With 9/10 cyber attacks starting with a phishing email, Santa’s elves need to be educated to be able to detect malicious emails and understand the threat they could pose to the organisation.   

We’ll also be looking more closely at Santa’s supply chain security… but that’s a tale for another time!  

Previous Article

Top 12 Cyber Security Stats of 2021

Next Article

Sophisticated phishing email targets Microsoft Office users

Cyber Security Experts

Accredited and regulated, we're in the top 1% of cyber security agencies globally

Crown Commercial Service Supplier Cyber Essentials Plus ISO 27001 BSI ISO 9001 CHECK NCSC Cyber Incident Response CREST

We’re trusted by the UK Government as Crown Commercial Service providers as well as being accredited by two of the leading cyber security governing bodies. Our ISO9001 certification means you can rest assured our processes and approach are market leading.

Protect Your Business & Your Reputation.

With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.

Speak To An Expert

x

Get In Touch

[contact-form-7 id="5" title="Contact Us Form"]