Many CNS Complete Care network management clients are securing the services of third-party network security vendors to provide cyber security management and oversight of their networks.

CNS strongly recommends that all Complete Care managed clients have a third-party security operations center vendor (sometimes known as a SOC) that specializes in cyber security monitoring and alerting, as the Complete Care management service is not a cyber security management service.

CNS can assist your credit union with the implementation of third-party SOC services as a custom project. Please contact us for details or to arrange a quote.

What do you need to know about how CNS works with third-party SOCs?
  1. CNS is not a SOC and doesn’t provide SOC services.
  2. CNS can assist you with implementing a third-party SOC service by helping deploy their end point software clients and configuring the network to match the SOC’s requirements.
  3. SOC requirements are the responsibility of the SOC. CNS will only implement per the written requirements of the SOC.
  4. Your SOC vendor is responsible for configuring relevant filters and alerts for your network. They will customize these settings based on their work with you.
  5. CNS is not responsible for SOC-generated alerts and does not monitor for them.
  6. All SOC-generated alerts are your responsibility. CNS has no visibility into SOC alerts and cannot provide guidance on individual SOC alerts or make determinations about their severity.
  7. Clients with questions about SOC-generated alerts should work with the SOC to understand them and the implications within their network.
  8. If the client wishes to have CNS participate in responding to SOC-generated alerts, the following will be in effect:
    1. CNS will treat such review as a regular (i.e., medium) priority and will slot the work for the next available technician.
    2. CNS will assess its normal hourly rate for review of the alert.
    3. CNS requires a three-way Zoom (or equivalent conferencing platform) conference with the credit union and a technical representative from the SOC for any requested reviews of SOC-generated alerts.
      1. This will allow for questions to be asked directly to the SOC by our team to minimize the chances of a misunderstanding.
      2. These conferences must be scheduled by the credit union in advance with CNS at a mutually agreeable time.
      3. CNS will follow the SOC’s lead regarding remediation.
    4. Time is often of the essence in responding to SOC warnings. If you want a faster review of the alert, CNS will charge our standard hourly rate for priority cybersecurity response (currently $195/hour).