Government Advisory

We offer governments strategic consulting on cyber security, and can help design and implement infrastructure to protect national and local governments, enabling them to respond to any threats in a proactive manner.


National Infrastructure

We can help create robust national infrastructure by providing security frameworks, training and security monitoring, and coordinating security testing with relevant government bodies. Our incident response solutions help contain and address any threats. We can additionally help with proactive techniques such as threat intelligence, helping to thwart attacks before they begin.


Heavy Industry

We understand how to protect the industrial control systems and associated infrastructure that heavy industry depends upon, and can design bespoke information security frameworks and provide incident response and recovery solutions.


Finance & Legal

Financial institutions are leading targets of cyber-attacks and espionage, offering cyber-criminals multiple avenues for profit through extortion, theft, and fraud. Our solutions for the defence of this sector range from security testing and monitoring through to digital forensics and threat intelligence.



Manufacturing is exposed to many cyber risks including intellectual property theft and counterfeiting of designs by competitors; these can cost huge sums in terms of foregone revenues. Our ‘Risk and Governance’ services help maintain control over research and development activities, our training helps manufacturers understand their risk profile and our security monitoring helps alert companies to any threats.



The public disclosure of personal medical records is the primary cyber risk faced by healthcare institutions. We help protect all such sensitive data by means of rigorous security testing and monitoring.


Retail & E-Commerce

Famous retail names are under constant threat from direct hacking, denial of service and fraudulent imitation, which costs them or their customers billions of dollars annually. Our solutions enable the creation of secure, monitored and robust transaction infrastructures incorporating testing, monitoring and incident response capabilities.

Nihon Cyber SIEM



Advanced security intelligence to
help you protect your business

Confidentiality + Trust + Protection

The Strategy

Online attacks can strike at any moment, and breaches can be catastrophic for businesses. Logging is essential to help optimise your recovery and comply with regulatory obligations

01 Recon

02 Lure

03 Compromise

04 Escalation

05 Lateral Movement

06 Domain Compromise

07 Data Theft

Attackers must conduct certain activities to successfully breach and compromise an organisation to steal business data.

Businesses looking to defend their data need to identify and understand attacks at stages 3-5, before it is too late. Identifying a threat at stage 3 can be difficult. As sophisticated attackers have the advantage and are able to go undetected, no solution can offer a 100% guarantee.

This has made the ‘assume breach’ approach the de-facto standard for businesses looking to defend themselves. Fundamental to this methodology is making plans assuming that your system has already been compromised.

Our Security Information & Event Monitoring (SIEM) solution detects threats at stages 4 and 5, allowing you to better identify and respond to attack before it damages your business. This advanced security system provides round-the-clock monitoring and reporting of known attacks covered in the ATT&CK Matrix for Enterprise from Mitre.


The Process

Increased scope

The first step to build an effective Security Information and Event Monitoring system (SIEM) should be preparation, however some aspects are routinely overlooked.

Many SIEM vendors will ship all events to the logging system, creating two problems – ‘event noise’ making incident detection and response harder and increasing cost with extra storage, capacity and licensing implications.

Our advanced SIEM solution includes these benefits

+ Flexible licensing model based on the number of nodes not events per second
+ Filtered events are only sent to the central location reducing cost and improving incident response
+ Helps satisfy data protection requirements such as EUGDPR

SIEM from Nihon Cyber Defence provides advanced visibility into your security events, classifying events within a severity range of 1-100 and featuring easy to use dashboards, allowing your compliance officers to better identify and respond to risk.

For events that score more than 50 on the severity scale, we provide an incident response playbook, enabling you to respond effectively.

Initial Consultation
Carry out security checks
Improve security posture
System tuning
Incident response playbook
Mitigate attack risk

Help protect your business with better

security intelligence

With the financial and reputational cost of data breaches reaching record heights, businesses can’t afford to be complacent. From enhanced event analysis to incident response, Nihon Cyber Defence has the expertise to strengthen your security posture. SIEM from Nihon Cyber Defence offers advanced security monitoring and reporting to help you identify and respond to threats, improve your security and compliance and better protect critical data.