Why our cyber solution is better because we take a different approach

By John Dale Managing Director of Onyx IT

We know that other MSPs offer cyber security solutions that go beyond a firewall, anti-virus, and anti-spam. The majority though use off-the-shelf third-party solutions provided by Remote Monitoring and Management (RMM) providers or security vendors. This article describes why we at Onyx IT take a different approach and pose some Q&As that a client might ask.

At Onyx IT , we treat all our customers as unique, and cybersecurity is no exception – we create solutions to defend your organisation that are both effective and appropriate - why? Because all cyber risk is contextual to you as an organisation - what you do, who your customers, supplier, and supply chain are and what access you potentially provide to your own and other parties people, systems and data.

As always, the decision to partner with existing security or RMM providers, or to utilise our vendors technologies to create our own service is one that needs to consider our capabilities, people and processes in addition to your risk – we’ll continue to iterate our solutions and continue to assess partnership opportunities, so you’ll always know that the trust you place in us is underpinned by the best technologies delivered in the way that provides you the biggest value.

Onyx IT has assessed a broad range of security and RMM providers to continue with our mission of defending our clients from cyber risks in an effective and appropriate manner. We identified the following challenges in all of the solutions we looked at:

• Service Quality: Service providers are largely based out of the US, when local resources are in place, they tend to be satellite security centres for compliance or time convenience. In our assessment this leads to the best quality resources being located outside of the UK, meaning the quality of detections, analysis and response available out of hours (i.e. US core times) is better when you need it least. Onyx IT aligns our solutions to your working hours and cyber risk directly with our best experts available and defending your organisation when you need it most.

• Appropriate and effective: The nirvana of all large-scale managed services is to do the same thing many times for many customers. This means that most of the services we looked at take an approach to a “global average” of risk. We don’t believe in “average clients”, each is unique and as such, Onyx IT ’s services are tuned to detect and respond appropriately to your risk and operational continuity. We’ll also work with you, where a solution we propose doesn’t work for your business, we’ll listen to your concerns and propose a different solution to mitigate that risk, with its pros and cons – at the end of the day, Onyx IT cyber security is committed to facilitating your business, not to block or constrain it.

• Restrictive tooling misses alerts and their context and adds both cyber and operational risk: Many of the providers we looked at were very focussed around an acquisition of one technology into their portfolio. Onyx IT Cyber Security is a mix of monitoring devices, infrastructure, people and data, to build a picture of events within your business, identifying and mitigating risks and impact. This makes our security more effective, more granular and lower risk. For example, a pure endpoint solution, detection points are largely at detonation (i.e. when something happens) and responses are to isolate the endpoint meaning the loss of productivity, and potentially leave a compromised account free to continue on another machine or cloud platform. With Onyx IT Cyber Security, we detect earlier in the process before impact (for example at the initial phishing mail, or login occurring, prior to any impact) and our responses include challenging the user with conditional access, resetting a password, ending all active sessions, in addition to isolating the device and account.

• Lack of connected responses slows down responses and increases cyber risk and impact: Because Onyx IT manages your IT assets, one platform allows us to respond to events where we manage the firewall, switches, Wi-Fi, or other assets that aren’t within the scope, control or ability to respond by the RMM or security vendor platforms. In one recent customer example, we had a firewall port blocked and the attacker prevented from access in under 90 seconds, there is no way for an external supplier to achieve this, it requires a trusted and in-depth relationship.

• Lack of ability to add our own detections: Understanding how a malicious actor is behaving, their techniques and approach is referred to as threat intelligence. Onyx IT Cyber Security uses threat intelligence to build detections that are specific to the risks you are most likely to face. In one recent example, one of our customers was targeted as part of the UK government’s supply chain – this information was only available to UK based security entities, and as such we had a detection in place to block this attack over a month before the platforms we reviewed, preventing significant impact, embarrassment and financial loss for our customers.

• Efficiencies for our customers are blocked through limitations of the providers platform: Onyx IT is fastidious on creating efficiency for our customers with our cyber security solutions, and the platforms we assessed limited the customisation and alignment we could achieve. One example of this was when one of our clients recently had a specific problem with a large number of phishing mails over the period of a specific campaign that they were running. Onyx has built an automation that both enabled the clients’ employees to report these mails, automatically investigate them, removed duplicates from mailboxes and create an alert to investigate further anyone who had clicked on the mail. This reduced the pain for the client and enabled Onyx IT to investigate and defend our customer faster and more accurately, preventing time wasting for our client on over 5,000 phishing emails. This was available to us because we understand, build and develop our clients’ solutions, rather than accepting an out of the box solution and its limitations.

• Lack of holistic overview and partnership to support our customers overall security posture: Onyx IT works hard with our clients to support their cyber security journey, combining all an organisation’s security into one overall picture helps us to deliver value to our clients. None of the partner platforms offer this critical functionality.

• Lack of value and other evidence. Onyx IT ’s solutions are directly connected to your business and compliance goals; we present information that evidences and supports your security posture and compliance requirements in a way that you can easily consume and evidence to customers or regulators. One example of this would be that no partner platform included information for DORA compliance (required by all financial services entities and their suppliers in the EU/UK) with Onyx IT recently undergoing our own journey to support our clients, we’ve evidenced the key requirements in a simple, easy to consume dashboard.

• Prioritisation to your business. Understanding and knowing our customers means that we can respond to specific circumstances and concerns in a way that large multi-tenant solutions cannot. One example of this would be our client undergoing an acquisition, and needing to assure governance for the due diligence process and the individuals that were acting within it. As such we provided both enhanced monitoring to these individuals and their assets and extended our experts available hours to cater for this critical time.

All of these reasons, and our responses to them, combine to assure our customers that Onyx IT is the right Cyber Security Partner for them. We will continue to develop, integrate and enable our vendors technologies into own security solutions.

Q&A's

How do you defend us 24x7x365?

From the work we do with each customer, we understand your risks, and as such we will always recommend the most appropriate and effective solution. While this includes the option for 24x7, we understand that most of our customers operate around UK business hours, so that’s when we provide our core support (with options to extend continuously or for short periods). Out of hours we enable smart automation to identify events, offering containment and isolation of suspected compromised machines and identities together with challenging and revoking access and sessions – and we’ll always back off to one of our experts where needed – whenever that is needed.

Is it more expensive?

Onyx IT ’s solution is both fully featured and extremely efficient, from day one of our service, we’ll onboard you in hours (many of our peers take weeks or even months) with our deployment pipelines, and our processes. We address any manual task we do three times with a formal automation process.

Furthermore, we collect data and information efficiently, understanding its context in your business and the aligned risk it brings. Many of our customers for example don’t run devices overnight, meaning that we focus on exposure of identities and the few systems online, rather than wasting your money, safe in the knowledge that if something should happen our experts take care of it. This often occurs before our customers are even aware that something has happened.

How will you retain your staff and ensure service excellence?

As you’ll know, at Onyx IT we pride ourselves on being approachable experts as an extension of your team, and our cyber security people are no exception. We operate a mix of formal development (courses and certifications) peer and shared learning (for example presenting back to our team on cybersecurity events, new threat intelligence, or attacker techniques) driving our own culture of expertise, and experience enabling the next generation of our cyber expert team.

Outside of this we partner with Cyber Security Specialist companies who have experience at nation state level. These experts provide deep specialist support where required in diverse areas such as forensics, incident response, detection engineering, to enable our people and scale in the event of multiple major incidents or extreme client risk.

Will I be safe from a ransomware attack?

Onyx IT can stop the bad guys in their tracks. Technology enables analysts to disrupt attacks across endpoints and identities. Onyx cyber solutions enables us to tell you that you have been protected rather than telling you have been hacked.

Who do I call if I think there could be some cyber incident happening?

You call the same people you normally would at Onyx IT . We have all the data and event information we require to see what is happening on your network and see if there is an incident occurring. We don’t have to refer to a 3rd party for a deeper investigation.

In Closing

In a world where cyber threats are constantly evolving, your business deserves more than a generic solution. At Onyx IT , we're committed to providing tailored cybersecurity that meets your unique needs. But this is just the beginning—we believe that open communication is key to staying ahead of the curve.

If you’re ready to discuss how we can help protect your business, let’s start a conversation today. Reach out to us, and let's explore the best ways to secure your future together.