Open Line's SOC thinks differently

Valencia was the beautiful setting for the second edition of the Open Line Security Summit (OLSS 2023) from July 5 to 7. Open Line, a Dutch specialist in managed cloud services, organized that event for IT leaders. Among other things, they got to see how the local Risk Based Security Operations Center (SOC) secures their IT environments anywhere in the world against online threats. Daniel van Slochteren, Chief Innovation Officer, talks about it in an interview with Dutch IT Channel and Dutch IT Leaders.

"We have a great program where we have several manufacturers speaking at a strategic level," Van Slochteren says on the eve of the event. "What's special is that they may only be present for one day. That is a conscious choice. We invited a select group of about 30 CIOs and CISOs whom we want to give the best possible picture. So every day there are a number of new manufacturers they can get to know. That creates a nice dynamic. We also have external specialists speak, for example, from the university here in Valencia that we work with. They talk about topics such as AI."

SOC in Valencia

Van Slochteren was CEO of cybersecurity specialist Kahuna until the fall of 2021. That was acquired by Tesorion, but Kahuna's SOC in Valencia, set up by Van Slochteren, was sold to Open Line. Van Slochteren moved with it. Open Line is a managed cloud services specialist that offers a range of cloud, workplace and security solutions, plus industry-specific solutions in sectors such as housing, government, logistics and healthcare.

The SOC in Valencia has a special history. Van Slochteren is active in motorsports and, as a result, often - and gladly - visited the Spanish coastal city. "I found out at one point that it has a huge technical university (Universitat Politècnica de València, ed.) t. At Kahuna, we had the challenge of finding and retaining well-trained staff. I wanted to come up with something on that. I made contact with the Valencia campus and started giving guest lectures and organizing SOC visits. We also invited good Spanish students to graduate in the Netherlands." This eventually created Kahuna's own SOC in Valencia. The connection with the university only grew stronger over the years: Van Slochteren is even currently on the advisory board.

Digital risks

As mentioned, both Van Slochteren itself and the SOC in Valencia moved to Open Line just under two years ago. "Many of Open Line's customers outsource some or all of their IT. They use our data centers, possibly in combination with the cloud. We provide our services on top of that. Organizations such as housing corporations, water boards, municipalities and logistics companies increasingly want some form of SOC services in addition. However, cost is an obstacle."

Risk-based SOC

That's where Open Line has come up with something innovative. "Our SOC is a Risk Based SOC. We look at the biggest digital risks for our customers. We translate those into scenarios and then into use cases with the corresponding tooling." Open Line thus focuses on what really matters to the customer. "We have devised a model where we work with customers to understand their risks. Then we peel that off so that we can focus on that. We set up a kind of menu, focusing on relevant logging linked to a risk. For example, maybe there is a fear that people can break into financial systems. We then develop specific risk-based use cases for that. It's a very different way of thinking. As a result, the costs are much lower and more predictable."

This different way of thinking should bring business and IT closer together. "During my career, I have often noticed that there is a big gap between them. Our industry is often too technology-driven, whereas what matters is what the business objectives are. If the IT department finds that as an organisation you need a new firewall, how often do executives get holistic advice based on your future plans? Because of this gap, directors of organisations are also often not sufficiently aware of the digital risks, so they do not see the need to take measures or instead make expensive investments that do not pay off in the end."

Open Line has a distinctive approach in its SOC in other respects as well, Van Slochteren stresses. "SOCs are used to monitor and, in addition, sometimes manage firewalls and endpoints. But there is no grip on routers, switches and workstations, for example. Such a fragmented situation can be fatal if there is an incident and every second counts. We therefore do the management as well as the monitoring."

The SOC, now that it is under the banner of Open Line, has been rebuilt technically. "We went looking for a future-proof and flexible platform that gives us the freedom we need with our approach. That is now in place."

Strategic support

Open Line, even apart from just security, is interesting to an IT manager or CIO for several reasons, Van Slochteren believes. "First of all, we have two of our own data centers in the Netherlands. We can guarantee that data stays in the Netherlands, which is important for more and more organizations. In addition, we are a Microsoft partner, so we can also build a hybrid environment. Better yet, 100% of our customers have a hybrid cloud. By the way, Open Line is a perfect flexible shell. As an IT department, it is almost impossible to keep up with everything in terms of knowledge, technology development and resources. With us, you can decide whether to outsource everything or just a part, such as the server environment. In addition, we can support clients on a strategic and tactical level when it comes to digital risks. We help them get the governance but also the technological side in order. As a result, you no longer invest in solutions you don't need or that add little extra security. In addition, we also help roll out the roadmap toward the future."

"The type of attacks are changing," he notes. "There is more encrypted traffic. With a new generation of firewalls, we are responding to that. We are also doing more with threat intelligence. We are providing new services on that, looking more closely at what is happening outside of us. We're also doing more and more with Web applications, and within the SOC we're going to deliver threat hunting. And we have a solution with immutable storage that ensures that storage can't be changed, which offers great benefits in recovery after a ransomware attack. But again, we always look first, based on the risk profile, at what is relevant to the customer."

Open Line: Your reliable and innovative Cloud Solution Specialist

Open Line supports and advises clients in various sectors when it comes to the design, construction and management of complex ICT outsourcing and other projects. Our Managed Services concept offers a complete set of Smart Cloud services that help clients to achieve their business and digital objectives.

All sectors have challenges to face and no two organisations are alike. Although our products and services are sector-independent, every sector requires a personal approach. As an independent service provider, we put ourselves in your shoes so we know what motivates you. Only then can we deliver what we promise you.

Our view is that client relationships go beyond a consultation or an ICT project. Every outsourcing or other relationship is unique as far as we are concerned. We are both partners and advisers to our clients and are proud of our client references and enduring relationships that underscore that fact.

Our focus? Supplying added value by excelling in the technical domain of your information provision in design, construction and management of Cloud infrastructures.