The few, the proud, the secure: CSC welcomes new Sydney security facility

CSC's screening of potential white-hat security employees is so intimidating that 80 per cent of potential applicants never make it past the first stage, global portfolio executive for cyber security Gordon Archibald has revealed as the company cuts the ribbon on a brand-new Sydney security operations centre (SOC) that is the firm's fifth such site worldwide.

As part of the process, applicants to CSC's Strike Force team are given a week to see how far they can infiltrate a self-contained technology environment. Only 1 in 5 bothers to come back, Archibald said, noting that the process rapidly helps weed out those who lack the skills white-hat hackers require.

“There are a lot of great people who understand how to use tools but don't really understand cyber,” he explained. “We want people who understand databases, applications, networks, and how to bypass security controls to provide that better level of assurance to clients. About 80% of our applicants fail to even have a go.”

The Strike Force team is part of a 2000-strong global security practice that received its fifth member with the opening of the dedicated SOC in Sydney's Macquarie Park, next door to the well-known outsourcer's Australian headquarters.

A massive investment in HP's ArcSight security information and event management (SIEM) technology supports the practice, which operates in concert with identical facilities in the US, UK, Malaysia and India to support customers and collect large quantities of threat-intelligence information.

This networked, collaborative approach to IT security has become a requirement in today's world, Archibald said, noting that the changing threat had rendered the older ways of enforcing security obsolete. “What we identified probably three years ago is that the old way of doing security no longer works,” he explained.

“The days of bolting on technology and generating lots of information where you could have separate IDS, data loss prevention and other teams all in isolation of each other, are over. We wanted to make sure that we implemented a global security framework that would let us share information and get better visibility into what's happening in the wild.”

The ArcSight investment – which Archibald said makes CSC the biggest user of HP's popular tool in the world – took over a year and a half to bed down, combined with proprietary development that has helped the company offer an integrated IT security defence that is aligned with core business metrics.

“We've implemented regular updates of key security controls into centralised dashboards,” Archibald said. “We can see if clients have hardened their security policies, applied critical and major patches, are running the latest antivirus signatures, or are using default passwords. This really lets us get the core security signs right, and give assurance to our clients on their full risk and threat profile.”

While it puts a full selection of monitoring and analysis tools at employees' fingertips, getting into the new facility requires the right combination of skills – even for people who aren't trying to wear the white-hat hacker badge.

The need for skilled security staff was a key reason the site was located in Sydney, Archibald said: “We needed to make sure we were based where a resource pool was based.”

“It has really been a journey around the architecture, integration of controls, threat intelligence, and bringing that into a centralised room and control centre. At the end of the day, clients get transparency and assurance.”

This article is brought to you by Enex TestLab, content directors for CSO Australia.
