
Client Story

North American Manufacturer Tackles Global Security Challenges with Managed SIEM

Major manufacturer with global operations addresses the security risks that come with rapid expansion through acquisition as they are faced with integrating new people, practices, and policies into their IT security operations.

North American Manufacturer

Cambridge

Manufacturing

Objective

Implement a response-based security operation with increased focus on monitoring and additional response preparedness.

  • North American manufacturer with multiple locations and significant global presence
  • Publicly Traded Company
  • 2500+ employees
  • Security information and event management
  • 24 x 7 x 365 SOC to manage SIEM environment
  • Security analysts available to respond to incidents

Our Approach

A major North American manufacturer with global operations was undergoing rapid expansion through acquisition. While these acquisitions were critical to the growth of the organization, they introduced new security risks and added complexity as IT leaders were faced with integrating new people, practices, and policies.

The traditional anti-virus prevention approach to security was no longer adequate, and the client was frustrated with their lack of a cohesive approach to security. They understood that steps needed to be taken to implement a response-based security operation with increased focus on monitoring and additional response preparedness.

While most companies focus on preventing attacks at the edge of the network, this manufacturer was interested in working with us to develop an approach that put more emphasis on security monitoring and response.

We brought in a team of security experts to work with the customer to develop an effective security strategy. “We believe that the traditional approach to security needs to change. Even some of the largest organizations with extensive security budgets have been compromised,” said Ryan Wilson, Chief Security Advisor at Scalar.

 


Solution

The client opted for a managed security information and event management solution (Managed SIEM), which provides real-time analysis of log file data from any number of endpoints. The Splunk App for Enterprise Security was deployed, providing constant monitoring at the many edges of the network, as well as of the internal activity behind the firewalls and front lines. When threats are detected, a team of trained professionals is available to recognize an attack, quarantine infected machines, and close the threat permanently. This team monitors the environment on a 24 x 7 x 365 basis, responding and reacting rapidly, cutting off attacks before they can do real damage. At the client’s request, they were able to leverage their traditional infrastructure stack, whereby they own the hardware, while we monitor the SIEM system via a VPN tunnel.

“SIEM is an ever-evolving tool based on the amount of data it collects over time – it is like a net that just keeps getting tighter and tighter around the environment. There are always holes that need to be plugged. Once a pattern of activity is recognized, we use that information to create new rules to block that issue from happening again.”
Mike Morrison
Account Executive, Scalar

With a successful pilot project implemented and running for all North American locations, the service is now being deployed across the global operation in two additional continents. Reporting continues to evolve with the development of comprehensive custom dashboards that provide live interactive views that can be accessed on demand.

Outcome

  • Fastest possible remediation to security incidents, which limits damage and risk due to exposure
  • Client no longer needs to hire, train, and keep a large security staff