Blackthorn

Blackthorn CND

CND Computer Network Defence is a pressing problem for those tasked with both national security and the security of large scale corporate networks. The many activities involved in protecting network servers and the applications that they support the interlinking components and nodes and the client systems that access the networks are increasingly complex and the ability to directly relate the security demands to actual operational risk seems an almost insurmountable problem.

Blackthorn CND is the ideal and unique system that enables those tasked with the protection of computer networks to manage the range of activities needed to maintain a high degree of control and oversight.

Many vendors attempt to address the challenge of CND with purely technical solutions, yet this approach leaves both network security professionals and their Managers with a fragmented set of disparate tools and procedures. Blackthorn CND doesn't attempt to interfere with the toolsets in which CND professionals often have high degrees of investment. Instead it tackles the organisational problems, enabling teams to work in a highly collaborative and repeatable way and joining data from the operational coal-face with tactical and strategic layers in an infinitely flexible way. Blackthorn CND is the oil in the gears of effective command and control.

Blackthorn CND comes out of the box with terminology, activities and workflows defined and built by subject matter experts in the field. The addition of further activities specific to each team or application is a breeze and organisational team structures can be easily modelled exactly to reflect perfectly the operational, tactical and strategic arrangement of key personnel. Key activities are defined as follows;

  • Reactive
    • Incident response: an activity and associated workflows to manage the complete range of information security incident types that occur in the field of CND.
    • Case management: a more specific activity focussed on the forensic investigations into network and host-based security breaches and computer misuse.
    • Secondary impact events: an activity designed around the management of consequential issues that emerge from CND incidents.
  • Proactive
    • Accreditation: a set of activity types designed to support the accreditation of critical network systems, applications and services.
    • Security review & audit: an activity that supports a range of assessments of physical, technical/logical and organisational controls.
    • Security tests: the management of activities such as vulnerability and penetration testing on systems and applications, social engineering and tiger tests.
    • Security awareness: activities that support the campaigns and processes related to educating and reinforcing the need for security of computer networks.

Joining up various activities needed for a complete CND operation is a key factor in the successful fight against threats which are increasingly realised in extremely short timeframes.

One primary function of Blackthorn CND is the ability for users to rapidly gather intelligence about the various activities that are managed. A design feature of the Blackthorn system is the ability to rapidly collect data in a way that is akin to "natural thinking" with the result being that users need to spend as little time as possible working in Blackthorn, allowing maximum time for proactive and reactive work on the tasks at hand.

Real-time reporting is an important feature in Blackthorn CND and a suite of fully customisable dashboards is delivered to enable key information to be communicated within the command chain. New dashboards can be created on-the-fly presenting information that is filtered and accessible on a need to know basis determined by the Blackthorn Role-Based Access Control (RBAC) system.

Task assignment and monitoring is seamlessly achieved both through the web browser and integration with email and SMS services.

In any reactive (and even some proactive) activities, the ability to visualise a situation is vital to successful outcome. Blackthorn CND provides an integrated Canvas function enabling individuals and teams to build pictorial views and representations of scenarios such as network intrusion, information loss or theft and malicious attacks. The Blackthorn Canvas is ideal for briefing and delivering accurate and timely situational awareness.

BTSupport News

QCC Information Security

Internet Explorer 6 Users

We've detected that you're using IE6. We strongly urge you to upgrade your browser for both web compatibility and security reasons.

You can find the latest versions of all modern and standards compliant browsers in the links below. In the meantime, click here to continue with your visit to QCC.

Yours sincerely,

The QCC Information Security Team +44 (0) 20 7353 9000