SOC – PT Clarus Innovace Teknologi

Problem Background on IT Security Organization

Indonesia Threat Landscape Report 2024

Ransomware Attacks Targeting Indonesia

Manufacturing emerges as the most prominently affected sector among the targeted industries, representing 17.97% of the identified ransomware attacks during this period. Following this, the Professional, Scientific, and Technical Services industry accounted for 12.02% of the attacks, while the Information industry experienced 6.21% of the ransomware incidents.

When examining the top ransomware groups targeting Indonesia, LockBit 3.0 emerges as the most prolific threat, accounting for 23.44% of the attacks. Following closely, ALPHV Blackcat represents 6.57% of the ransomware incidents, while Play and Hunters International account for 5.39% and 4.77%, respectively. Following closely behind, Black Basta accounted for 4.74% of the ransomware attacks. The remaining 55.18% is attributed to various other ransomware groups.

Secure Your Business Now!

Alert fatigue

Security teams are inundated with alerts, making it difficult to identify and respond to actual threats.

Limited visibility

It can be challenging to gain complete visibility into an organization’s IT environment, making it difficult to detect and respond to threats.

Budget constraints

Many organizations struggle to allocate sufficient budget to cybersecurity initiatives.

Resistance to change

Security initiatives can often be met with resistance from employees who may view security measures as obstacles to their work.

Alert fatigue

Security teams are inundated with alerts, making it difficult to identify and respond to actual threats.

Limited visibility

It can be challenging to gain complete visibility into an organization’s IT environment, making it difficult to detect and respond to threats.

Budget constraints

Many organizations struggle to allocate sufficient budget to cybersecurity initiatives.

Resistance to change

Security initiatives can often be met with resistance from employees who may view security measures as obstacles to their work.

What is SOC? (the solution)

Clarus-IT SOC Services solution provides organizations with a robust and proactive defense against cyber threats. We leverage a combination of cutting-edge technology, expert analysts, and proven methodologies to deliver 24/7/365 threat monitoring, detection, and response capabilities.

What is SOC? (the solution)

Clarus-IT SOC Services solution provides organizations with a robust and proactive defense against cyber threats. We leverage a combination of cutting-edge technology, expert analysts, and proven methodologies to deliver 24/7/365 threat monitoring, detection, and response capabilities.

We Manage and Monitoring SOC Services in several Company Multinationals, more than 3 years experiences managing Security Operation Center (SOC).

CARES Bussiness

CARES Essential

SIEM by Clarus

3 Months Log Retention
30 Applications/Security Devices

Threat Intelligence/Security Rating (1 Domain)

Vulnerability Assessment

CARES Tailored & Customizable

a. SOC Services Tailored to Your Needs
b. Security Awareness
c. Vulnerability Assessment and Penetration Test
d. Digital Forensic and Incident Response (DFIR)
e. Cyber Threat Assessment
f. Security Hardening
g. Security Backup & Backup Forensic
h. Patch Management

CARES Bussiness

CARES Essential

SIEM by Clarus

3 Months Log Retention
30 Applications/Security Devices

Threat Intelligence/Security Rating (1 Domain)

Vulnerability Assessment

CARES Tailored & Customizable

a. SOC Services Tailored to Your Needs
b. Security Awareness
c. Vulnerability Assessment and Penetration Test
d. Digital Forensic and Incident Response (DFIR)
e. Cyber Threat Assessment
f. Security Hardening
g. Security Backup & Backup Forensic
h. Patch Management

I. Entry Point Cyber Attack

Methods of ransomware infection, categorized into four primary attack vectors:

Vulnerability

Ransomware exploits system vulnerabilities through a network exploit. Vulnerabilities in networking components allow attackers to execute a malicious payload.

Examples: Used by ransomware families like WannaCry and Petya.

Email

Infection occurs through spam or phishing emails. Users are tricked into opening infected attachments (e.g., office documents, PDFs, or executable files) that download the exploit kit and payload.

Examples: Used by ransomware like Locky and TorrentLocker.

Web

Ransomware spreads through compromised websites, malvertising, or drive-by downloads. Files downloaded via email or compromised websites deliver the exploit kit.

Examples: Used by ransomware like CryptoWall and TeslaCrypt.

Device

Infection occurs via a compromised device, such as a USB stick or laptop. An infected device introduced to the network unknowingly carries threats that propagate laterally.

Examples: Used by ransomware like Spora.

C.A.R.E.S.

as Our Solution

Problem Background on IT Security Organization

Indonesia Threat Landscape Report 2024

Specific Challenges Faced by Security Teams

Alert fatigue

Limited visibility

Budget constraints

Resistance to change

Alert fatigue

Limited visibility

Budget constraints

Resistance to change

What is SOC? (the solution)

What is SOC? (the solution)

Introducing C.A.R.E.S.

What is C.A.R.E.S.?

Comprehensive

Assessment

Risk

Evaluation

Services

The Key Benefits of C.A.R.E.S.

Benefits of Our Managed SOC Services

Expertise and Experience

Advanced Security Technologies

Continuous Monitoring and Rapid Response

Proactive Threat Intelligence

Compliance and Reporting

How long the experience, and how many handled cases and customer?

Mining

Oil and Gas

Financial Services

Logistics & Distribution

Container Port & Transportation

Mining

Oil and Gas

Financial Services

Logistics & Distribution

Container Port & Transportation

Service Packages

CARES Essential

CARES Bussiness

CARES Tailored & Customizable

CARES Essential

CARES Bussiness

CARES Tailored & Customizable

Recovery Ransomware Outbreak Experience

I. Entry Point Cyber Attack

Vulnerability

Email

Web

Device

II. What We Do

Investigation Breach (Threat Hunting)

Assessment – Impact Outbreak Discovery

Rebuild

Restore Backup, Scanning, Testing

Security Readiness & Improvement

III. Security Readiness & Improvement

Deployment Application Public Protection

Server Operating System Hardening

Security Operations Center (SOC)

Enhancement Endpoint Security Protection

Installation Access Restrictions

Redesign Network Topology

IV. Create Security Roadmap for Suggestion

Are you ready to proactively manage your organization’s risks?