Skip to main content
Self Assessment

Managed Security and Incident Response Services

Item to of items
Sort By:
TrustCSI™ MSS
TrustCSI™ MSS
What is the functions of the solution/service?
CITIC TELECOM CPC (“CPC”) TrustCSI™ MSS Service (the “Service”) is a 24/7/365 managed integrated security service that monitors and collects system logs from customers' security devices, such as firewalls, IPS, servers, UTM systems, and databases. After collecting logs from the customer’s site, the TrustCSI™ MSS SIEM platform will aggregate them and send them to CPC's 24/7 Security Operations Centers. The TrustCSI™ MSS Service effectively protects customers' IT infrastructure by recommending that they take swift action against security incidents.

What is the characteristics/selling points of solution/service?
• People | Dedicated Team of Security Professionals --- Striving for service excellence, CITIC Telecom CPC security professionals are 100% certified with international security programs such as CISA, CISSP and CompTIA Security+. With CITIC Telecom CPC, a reliable and trusted managed security service provider, organizations have access to the most skillful security experts in APAC region, certified in a wide range of technologies.
• Process | World-class Security Operations Centers (SOCs) --- CITIC Telecom CPC is one of the pioneers in operating SOCs with 20 years of experience. We now have 3 top-tier SOCs in Hong Kong, Guangzhou, and Shanghai, holding international certifications including ISO9001, ISO14001, ISO20000, ISO27017, and ISO27001, along with ITIL compliance. This ensures our TrustCSI™ MSS delivers consistent, industry-best threat and policy management.
• Technology | Advanced Security Information and Event Management (SIEM) Technology --- TrustCSI™ MSS leverages a state-of-the-art SIEM platform for correlation and classification, processing billions of events daily. We accurately and promptly identify real threats for rapid remediation, while customized rulesets tailored to each customer significantly reduce the time spent analyzing and correlating security logs.
Provided by:
CITIC Telecom International CPC Limited
Attack and Defense Drill Services
Attack and Defense Drill Services
CMHK attack and defense drill services simulate real-world cyberattacks for enterprises, helping them identify security vulnerabilities in their network environments, validate their existing cybersecurity capabilities, enhance their emergency response procedures, and meet compliance requirements. Our attack and defense drill services focus on three key areas:
1. Simulated attack: Red Team testing based on real-world attack methods;
2. Defense assessment: Professional blue team testing and defense capability verification;
3. Attack and defense confrontation: Comprehensive testing and drills are conducted through full-process attack and defense drills, including network protection and key security services, to enhance cybersecurity capabilities.
The attack and defense drill services consist of four phases:
1. In the preparation phase, we conduct preliminary research, including network architecture inspection, network environment research, traffic threat analysis, rule and process preparation, and defense organization development.
2. During the remediation phase, CMHK will first test and harden the entire network environment to fully prepare for the subsequent attack and defense phases. Key activities include: internet asset scanning, vulnerability scanning, penetration testing, security baseline/configuration checks, high-risk policy checks, security awareness training, phishing drills, and security device deployment and hardening.
3. During the attack and defense phases, the Red Team will conduct simulated attacks based on real-world scenarios; while the Blue Team will defend the infrastructure, either on-site or remotely. The frontline 24/7 monitoring team and the second-line security analysis team will collaborate to conduct real-time detection, emergency response, protection verification, and threat attribution.
4. During the summary phase, CMHK will review the drill results and provide a detailed report with improvement recommendations. Based on this report, remediation plans and long-term protection strategies will be provided to ensure the continuous optimization and improvement of the enterprise's security capabilities.
Provided by:
China Mobile Hong Kong Company Limited
Cybersecurity Management Services
Cybersecurity Management Services
Cybersecurity management services aim to provide enterprises with comprehensive, full-lifecycle cybersecurity protection and platform capacity building support.
Service Scope:
1. MDM (Mobile Device Management) Deployment Service
Focusing on the security and compliance of endpoint devices throughout their lifecycle, we provide comprehensive inventory and status tracking for enterprise device assets, and remotely configure and maintain equipment. We integrate security measures such as identity authentication, application whitelisting, and encrypted data transmission to enable personnel in specialized industries to securely and efficiently access critical business data in emergency scenarios.
2. Managed SIEM(Security Information Event Management) and SOC (Security Operations Centre) Service
Build a 24/7 security operations hub, centrally collect enterprise logs, and conduct multi-dimensional data correlation analysis based on threat intelligence. We also establish a 24/7 security monitoring system, providing real-time early warning and automated emergency response, while also supporting attack tracing and tiered response.
3. PAM (Privileged Access Management) Managed Service
Focusing on the security control of high-privileged accounts, we provide centralized management of privileged accounts, optimize access approval processes, and enable dynamic permission allocation. We also assist with the deployment of the PAM platform and generate audit logs and compliance reports.
Service Features:
1. Managed Service: This multi-module managed service eliminates the need for enterprises to invest extensive manpower in establishing an operations and maintenance team. CMHK's professional team will oversee platform deployment, daily operations, and iterative optimization, significantly lowering the threshold and cost of enterprise security operations.
2. Full-Scenario Coverage: From device management and real-time attack detection to internal permission management, we form a closed-loop defense system to meet the complex security needs of multiple industries.
Provided by:
China Mobile Hong Kong Company Limited