Monitoring keeps the business newspaper Børsen at the forefront

To fight against the ever-increasing cyber threats the newspaper Børsen entered a partnership with Nixu and started using Managed Detection & Response solution and Threat Intelligence tools. These are some of the latest weapons available for use in combatting cyber criminals, which were previously reserved for nations and the very largest global groups.

Cybersecurity must have top priority at Børsen. The threat level of cyber-attacks is ever increasing, and the consequences of a successful attack may, ultimately, mean fake news on the site, theft of confidential information or quite bluntly: That the newspaper is not published.

Therefore, the business newspaper has chosen Nixu to provide support in this important work.

- An entire newspaper production process is lost if we experience an IT breakdown, and that costs us a lot of money. The attacks become more and more sophisticated, so I feel more confident that we have an external partner to handle the task, says Brian Skibby, IT Manager at the newspaper Børsen.

Nixu provides Managed Detection & Response services as well as Threat Intelligence for a number of Danish enterprise clients the expert team is ready around the clock at the Nixu Cyber Defense Center to respond to potential threats against clients.

- It is my impression that we are well prepared in the arms race with the hackers, and the tools are affordable, Skibby states.

"I sleep well at night"

Acknowledging that there is not one technology that can protect against all threats, and that it is a full-time job to keep updated on the actual threat landscape many, among them Børsen, choose to get external support:

“With a Managed Detection and Response solution, I am able to sleep at night”, Skibby says.

A Managed Detection & Response solution contains all the important elements of Information Security. That means monitoring, advice, training, analysis and testing. Threat Intelligence is about scanning the internet for threats everywhere, such as in forums on the “dark web” where vulnerabilities and stolen passwords are exchanged, and where vulnerabilities in disseminated software, or an error in a patch, are available to cyber criminals – as well as other titbits of sensitive information.

However, the solutions also contain an algorithm that can react to suspicious conduct among internal users, which Børsen has used to detect if employees have visited the “dark” side of the internet.

- We are instantly informed if a user has visited the dark web, so we have been able to nip these situations in the bud. Sometimes the user is not aware that they have been in unsafe places, and other times they know it, says Skibby.

Intelligence work depicts the threat scenario for Børsen

The part of Nixu that is in charge of the “intelligence services” depicts a real threat scenario and makes it possible to adjust security according to what could be expected to take place. That is a guide to the Børsen security team.

- We receive notifications about what we should prioritize shutting down or updating. It is impossible to have the overview ourselves. We also receive notifications that we should not use certain patches. It is not only about Windows and Office, but also about widely used programs such as Acrobat and others, he says.

But when it becomes overwhelming, Nixu is ready to take over.

- If we experience some foul play on our network, Nixu will take over the task. They know our network and structure, how it is designed. Time is a decisive factor for how quickly you can recover, says the IT Manager.

Børsen now has specific procedures according to the type of warning.

- The most important thing is that we involve users to the greatest extent possible. We talk a little louder than usual when we address individual users, so those in close proximity will hear our conversation, he says and continues:

- That also has a preventive effect: When the employee has received a call once from an IT employee who says that we are keeping an eye on things, then they are more in an “alert mode”. Having security visible in this way results in user confidence.