Cybersecurity Intelligence Response Center



A hacker’s motivation can be personal, political, criminal, financial, or purely opportunistic. Organisations relying on technology solely to deliver an effective security monitoring solution will find they fall short time and again when combating these intrusions.

IT security is like a chess game – and the IT department must be steps ahead of their cyber opponents, waiting and ready with an arsenal of technology, people, processes and prowess. To combat the onslaught of threats that surround business today, security professionals need to change the way they deliver protective services.

Protiviti’s Cybersecurity Intelligence Response Center (CIRC) professionals work with clients to drive large security endeavours successfully by focusing on people and processes aligned with risk. These are often the overlooked factors of success or failure in security operations. Protiviti’s clients understand the critical interaction among their technology, people and processes to enable them to map IT security to risk strategies more effectively.

Our solutions include:

Advanced Hunt Teams

Unknown threats continue to evade security monitoring programmes and pose significant risk to any enterprise. Use cases are not enough. Protiviti helps clients develop Advanced Hunt Teams that use a suite of techniques to provide visibility to these unknown threats.

Cyber Threat Intelligence

Cyber Threat Intelligence provides an understanding of the bad actors trying to do harm to your enterprise. Protiviti’s Cyber Threat Intelligence solution helps clients develop a comprehensive capability to increase visibility and to assist in the decision-making process. This holistic approach includes planning, collection, analysis and integration into your security monitoring program.

Fusion Centers

Any CISO with a mature security monitoring program has the opportunity to partner with peers inside or outside of IT to create an enterprise operations capability. This ‘fusion’ of security monitoring programmes with other operations comes in many different forms. Protiviti helps clients with strategy, architecture and implementation of Fusion Centres to provide broader value to the enterprise.

Security Orchestration and Automation

Next-generation security monitoring programmes rely upon orchestration and automation to drive efficiencies, standardise the investigative process, and reduce errors and omissions that occur during incident investigations. Protiviti helps clients automate their investigative process using any security automation and orchestration platform.

Correlation and Analytics Fabric

Leveraging the combined intelligence across all platforms is a requirement for next-generation security monitoring programmes. Cross-correlation can take place on any number of platforms, but without the appropriate maturity, these platforms are not only costly but ineffective. We help clients develop a programmatic approach to correlation and analytics to ensure maximum value in support of decision-making.


Detection of Insider Threats has become a C-level concern. The application of algorithms and specialised statistical analysis forms the Behavioural and Machine Learning capabilities of UEBA/UBA platforms. Protiviti helps clients determine the optimal UEBA/UBA strategy and maximise the value of UEBA/UBA regardless of the platform.

Cyber Security Academy

There are two common personnel issues in nearly every security monitoring program. First, high rates of attrition among qualified analysts result in inefficient monitoring. Second, the hiring of unqualified analysts results in ineffective monitoring. Protiviti’s Cyber Security Academy helps clients reduce the risk of both issues.