In keeping with our tradition, we’re pleased to share an overview of Black Cell’s achievements in the rather turbulent year of 2023 – rough seas make great sailors after all! First and foremost, we extend our sincere appreciation to our valued customers, whose continued trust has been instrumental in empowering them to combat cyber threats effectively and bolster their resilience. We also acknowledge the dedication of our team, whose tireless efforts have enabled us to pursue ambitious goals and navigate the challenges of the past year.
Let’s delve into the numbers! Black Cell experienced a notable 40% YoY increase in cumulative revenue for 23H2. The Hungarian market witnessed 36% growth, while exports to the US and UK saw a remarkable 60% surge. Moreover, intra-EU (excluding the domestic market) exports recorded an impressive 86% YoY increase. The cumulative revenue for the entire year amounted to 1,789 billion HUF, marking a 30% upturn compared to 2022. Hungarian sales rose by 28%, while exports increased by 52% to 204 million HUF. These higher revenues were achieved through significant efficiency gains, with only a 15% increase in the number of employees.
Black Cell’s Fusion Center leveraged the ELK Stack to develop our Extended Detection and Response (XDR) offering based on Elastic. This proprietary service stack encompasses user behavior analytics, network security monitoring (NSM), as well as OT/ICS/IoT security, in addition to conventional logging and monitoring capabilities.
The Fusion Center team also strives to improve and streamline our existing security technology stacks. Besides continuously implementing new use cases and fine-tuning existing detection capabilities, we have invested significantly in optimizing our processes. More specifically, we have begun expanding our SOAR capabilities by automating several manual, non-decision-critical investigation steps to ensure we focus our investigation efforts only on high-quality, actionable evidence. In certain customer environment and security product combinations, we have been able to reduce alert fatigue by up to 90%, ensuring the greatest possible productivity when investigating incidents. This not only enables the growth of Black Cell, it also facilitates even better response times and lower false positive rates for our customers.
The Fusion Center:
- Handled over 76,000 alerts, ensuring prompt attention to potential threats.
- Raised and meticulously investigated over 5,500 incidents in collaboration with our valued customers, ensuring thorough examination and resolution.
- Proactively eliminated more than 250 mass phishing cases, safeguarding against large-scale attempts at data compromise.
- Swiftly mitigated over 200 breaches and compromise attempts in their initial stages, preventing potential data breaches and minimizing damage.
- Identified and effectively mitigated over 20 advanced (APT) cases in later phases of the cyber kill chain, showcasing our capability to counter sophisticated cyber threats.
Additionally, our Fusion Center recognized the following top 5 MITRE techniques prevalent in cyber attacks during the year:
- T1078 – Valid Accounts: Originating from third-party data breaches and credential-stealing malware on private / home devices.
- T1598 – Phishing for Information: Spearphishing Attachments and links with various redirections and obfuscations.
- T1595 – Active scanning: Generic unwanted port and vulnerability scan activities from bots and botnets.
- T1574 – Hijack Execution Flow.
- T1218 – System Binary Proxy Execution.
The Offensive Security team’s phishing simulation service has helped many clients raise their information security awareness by providing a customized replication of real-world attacks and specialized awareness training. In last year’s baseline phishing tests, we found penetration rates up to 65%, which improved to below 20% in the second-round tests thanks to our tailored awareness training.
Furthermore, our Cloud Security business unit attained the advanced Identity and Access Management certification from Microsoft. This milestone underscores Black Cell’s readiness to address cybersecurity challenges arising from the proliferation of applications, devices, and users within and outside corporate networks. It highlights the shift towards advanced identity-based protection mechanisms over traditional boundary defense strategies. Additionally, we introduced two services to numerous clients: proprietary vulnerability management, which leverages the strength of the Vulnerability Management module enhanced with exploit prediction and years of penetration testing experience to provide remediation priority recommendations, and end-to-end incident management services seamlessly integrated with Microsoft’s Modern Work and Azure workloads. Moreover, we published several offerings in Microsoft’s AppSource and Azure Marketplaces, focusing on MDR and Fusion Center services.
In pursuit of expanding our international presence, Black Cell was honored with an invitation from the Ministry of Foreign Affairs to participate in a cybersecurity roadshow in Benelux, aimed at fostering European cooperation among leading Hungarian and local cyber players. Another significant milestone towards the end of the year was the launch of Black Cell Cybersecurity Services UK Ltd., marking our entry into the UK market. We are excited to announce that following the establishment of a local office in 24H1, we will be fully equipped to serve clients locally.
Looking ahead, it’s essential to take a moment to reflect on 2023 and recognize the forthcoming challenges and opportunities. Particularly, we should be aware that NIS2, a major EU cybersecurity legislation, will come into force in 2024. Our Compliance team dedicated last year to preparing solutions for our customers to effectively meet the requirements. NIS2 represents a significant opportunity for many organizations operating in critical sectors to ramp up their cyber capabilities across various domains. Its controls encompass essentially all cyber domains, including areas of growing importance such as supply chain security, vulnerability management, and role-based awareness to combat phishing.
Author
Béla Droppa
COMPLIANCE MANAGER