AI-powered MDR service in partnership with Google Cloud strengthens cyber security for small and medium-sized enterprises

Cyberattacks on small and medium-sized enterprises (SMEs) continue to rise. According to the Cybersecurity Transfer Centre for SMEs, around 80 per cent of all ransomware attacks are now directed at businesses of this size. At the same time, IT landscapes are constantly expanding: cloud applications, mobile devices and networked systems are increasing complexity and widening the potential attack surface. However, many companies lack the human and financial resources to monitor their IT infrastructure professionally around the clock.

Against this backdrop, Vodafone is expanding its range of Managed Security Services. Building on the cyber security centre opened last year, the company is now introducing a new Managed Detection and Response (MDR) service, developed in collaboration with Google Cloud. The solution is based on the Google Security Operations Platform and combines AI-powered security analytics with Vodafone’s security expertise. The offering is complemented by Google’s global threat intelligence, enabling new attack patterns to be detected and assessed at an early stage.

Holistic security monitoring instead of isolated individual solutions

The new MDR service monitors a company’s entire IT infrastructure in real time – from end devices and networks to cloud environments and other networked systems. This makes it possible to identify even complex attack chains that develop across multiple systems.

A key feature of the solution is its openness to existing IT environments. Organisations do not need to replace existing security solutions or infrastructure components. Instead, the service integrates security data from various sources – regardless of manufacturers or the technologies used – and consolidates this into a central overview of IT security.

This approach differs from traditional security solutions, which are often limited to individual platforms. Particularly in legacy IT environments with heterogeneous systems, this provides, for the first time, end-to-end visibility into all security-related events.

Artificial intelligence accelerates detection and response

The technological foundation of the service is Google Security Operations. The platform processes large volumes of data from a wide variety of sources, correlates security events and uses artificial intelligence techniques to detect, prioritise and classify threats more quickly.

This is supplemented by information from the global Google Threat Intelligence service. This combines global threat data, insights from real-world cyber-attacks and information from an international security community, thereby improving the early detection of new attack patterns.

“Many companies today do not have a complete overview of their IT security situation. This is precisely where we come in. We combine state-of-the-art AI technology with our own security expertise to create a solution that monitors the entire IT infrastructure – regardless of which systems are in use,” explains Marc Atkins, Head of Vodafone’s Cyber Security Centre.

Security Operations Centre monitors around the clock

At the heart of the Managed Detection and Response offering is the Vodafone Business Security Operations Centre (SOC), which is operated in Germany. There, security experts monitor the connected systems around the clock, analyse security-related events and, where necessary, coordinate the response to incidents.

The service specifically addresses a problem faced by many medium-sized enterprises: the lack of a comprehensive overview of their IT security posture. Continuous monitoring enables suspicious activities to be detected at an early stage. Security incidents are analysed automatically and – depending on their criticality – dealt with immediately.

This involves the interplay of automated processes and the expertise of security analysts. AI-powered analyses evaluate incoming alerts, prioritise risks and place them in their respective context. This significantly reduces response times and minimises potential damage.

Enterprise-level security for SMEs

With the new MDR service, SMEs gain access to enterprise-level security capabilities without having to set up or operate their own Security Operations Centre around the clock.

A prerequisite for using the service is an existing Endpoint Detection and Response (EDR) solution that provides the necessary telemetry data from end devices. On this basis, Vodafone takes charge of the continuous monitoring, analysis and prioritisation of security incidents and supports companies in detecting cyberattacks at an early stage and responding to them effectively.