Project Kestrel

BACKGROUND
Sophisticated cyber-attacks are growing at an alarming rate with unstructured data amounting to more than 80% of all the data collected within the MOD’s cyber data lake. The accumulation and exponential growth of information relating to cyber threats, vulnerabilities and risks needed to be analysed to derive a focused cyber situational awareness to prevent future attacks.

This will enable existing and future analysis tools and data feeds to be integrated rapidly and efficiently to ingest, store, manage and distribute cyber-related data, giving clear risk indicators to defend against cyber threats on their own network.

CHALLENGE
The challenge for the MOD, with such vast amounts of data, was to have the ability to test, evaluate and deploy applications and technologies to counteract the cyber threat. This will provide a concise view of the threats of the past in order to predict the threats of the future.

REQUIREMENT

  • Deliver an accredited fully managed service
  • Provision of production and test environments at both SECRET (SLI) and OFFICIAL-SENSITIVE (RLI) and connectivity for interrogation of the CySAFA Data lake
  • Future countermeasure analysis and protection and cyber defence management
  • Identification of malicious activities based on real-time and historical data analysis with an insight into the attack path
  • Improve capability to detect and respond to previously unknown cyber-attacks, pre and post cyber incident analysis
  • Reduced incident time due to the ability to make faster and more informed decisions
  • Real-time and retrospective analysis to aid the prediction of future attacks
  • Streamlined application onboarding for transition to the live environment in line with MOD policies
  • Scalable to facilitate fluctuating demands
  • Service must be delivered within a predefined timescale to accommodate other service implementations
  • Derive early threat indicators
  • An end-to-end managed service
  • The service needs to be scalable
  • Maximise the productivity of remote and varied users
  • Limit the need for couriers and travel

SOLUTION
The Cyber Applications Private Cloud provides an accredited fully scalable service enabling the processing and dissemination of threat analysis and identification of cyber vulnerabilities. The platform provides hosting of all the MOD’s cyber protection tools in one environment rather than multiple disparate systems.

BENEFITS

  • Rapid response to network threats and recorded cyber incidents
  • Fully managed end-to-end service removes the demand on internal IT resources
  • Identification of cyber vulnerabilities across all operational platforms
  • Aids vulnerability analysis in support of advanced cyber incident defence
  • Identification of cyber risks and critical shortfalls in protection
  • Analysis of cyber alerts and advisories enables behavioural analysis of potential threat actors
  • Enables the discovery, remediation and mitigation planning of countermeasures to be carried out quickly and effectively
  • Rapid application deployment into live environments

SUMMARY
The project was successfully delivered with its first live applications in under 5 months from contract award in both security domains, with the ability to support over 50 (fifty) unique applications. As part of this fully managed service, a new on-boarding model was introduced to fast-track application accreditation and ensure that the project continued to deliver agile innovation at speed.

SecureCloud+ has a record of delivering innovative secure end-to-end managed services where quality is integral, the service is fit for purpose and represents value for money.
