Overview

Protecting a global manufacturer’s critical systems

An international packaging company was concerned about its security posture after expanding rapidly. By selecting Redscan and ThreatDetect™, the company now has visibility across its global network of offices and has strengthened its protection of key industrial control systems against cyber-attacks.

Industry: Manufacturing
HQ: UK

The Challenge

Summary

  • Fragmented IT estate
  • Expanding hybrid infrastructure
  • Legacy control systems

This organisation is a global packaging provider delivering sustainable solutions to the food and beverage, consumer, agricultural and transportation industries. Due to a process of consolidation, culminating in it becoming a globally integrated business, the organisation’s threat profile had increased significantly.

The company was highly aware of the wider cyber security challenges affecting the manufacturing industry and was worried that a cyber-attack could lead to system downtime and negatively impact production and its financial performance.

The manufacturer relied upon a number of specialist industrial control systems running legacy, unsupported software. The company needed to mitigate the risk of being unable to patch critical systems by enhancing its ability to proactively monitor them for threats that might seek to exploit any unpatched vulnerabilities. The company’s decision to migrate workloads to the cloud had also intensified its need to improve threat coverage and visibility.

The organisation had a SIEM system in place, but this offered only limited visibility across its hybrid environment. It did not provide the assurance that attacks would be identified fast enough to minimise damage and disruption. With only a relatively small number of IT specialists for its size, the company also lacked the resources to be able to respond to incidents out of regular business hours.

“Faster incident alerting enables us to better understand what is going on in our network and react more quickly. From an advice side of things, it’s great to be able to talk to knowledgeable people and discuss solutions to help mitigate our security risks.”
Head of IT Security
Global Plastics Manufacturer

The Solution

The global plastics manufacturer recognised the importance of developing a long-term partnership with a top tier Managed Detection & Response (MDR) provider. It identified that Redscan and ThreatDetect™, its award-winning MDR service, would provide the support it needed to hunt for and help shut down cyber threats, 24/7.

By integrating experienced security personnel, leading network and endpoint detection technologies and up-to-the-minute threat intelligence, ThreatDetect significantly improves security visibility across the company’s hybrid infrastructure and reduces its mean time to detect and mean time to respond to threats.

Redscan’s Security Operations Centre (SOC) professionals operate as a virtual extension of the team, providing the high-quality insight and guidance its IT team needs to respond to incidents whenever they arise.

To help mitigate the risks posed by the use of legacy systems, endpoint sensors are installed on each of the organisation’s key assets. These capture a range of security telemetry, which Redscan’s specialists use to look more deeply into the company’s IT systems and hunt for threats.

To ensure that the manufacturer stays fully on top of security risks, Redscan also conducts regular vulnerability scanning and provides support to help address any exposures identified.

The Head of IT Security says:

“Right from the start, I found that the Redscan team were very much on top of their game. From both project management and technical perspectives, I would rate them as excellent.”

The Results

Visibility across a hybrid cloud estate
A key business priority was addressing the risks created as a result of moving operations to the cloud. With ThreatDetect, the company now has visibility across its complete hybrid infrastructure, including its Office 365 environment. To achieve in-house a level of 24/7 security coverage equivalent to that provided by Redscan, the organisation would need to employ ten security professionals.
Deep endpoint detection
The organisation was concerned about being breached without knowing it. Proactive endpoint monitoring enables Redscan to improve visibility of threats targeting its systems. Redscan’s ThreatDetect security professionals use the latest Endpoint Detection and Response (EDR) technology to hunt for known and unknown threats across the company’s hosts. Because the company has many legacy industrial control systems that it is unable to patch or cannot update immediately, it needed to mitigate the risk of them being exploited. ThreatDetect monitors these at-risk systems for threats that might seek to target unpatched vulnerabilities.
Comprehensive security insight
Without ThreatDetect, the company's IT team would not have the time to check whether all the security alerts it receives are valid. Redscan alleviates this burden by investigating, analysing and triaging alerts and sharing genuine incident information securely via CyberOps™, its threat management platform. To help the team swiftly respond to incidents, Redscan supplies high-quality intelligence and actionable remediation guidance.
Fast and effective integration of new environments
Redscan’s implementation team has worked with the manufacturer to define a standardised methodology for service onboarding, so that newly acquired businesses can be quickly integrated into ThreatDetect and monitored by Redscan.
Monitoring for unverified devices
ThreatDetect is having a significant impact on reducing the number of employees attempting to connect unverified devices to the company’s network. Redscan continuously monitors for employee actions that could introduce new threats and vulnerabilities.
Vulnerability scanning and management
The company identified that it needed to undertake vulnerability scanning to help stay on top of security risks. ThreatDetect harnesses the most up-to-date scanning tools to ensure that the company is able to proactively identify vulnerabilities across its critical infrastructure and receives help to address them.
Protection against current and emerging threats
Redscan works closely with the manufacturer to continuously improve the company’s service. This is helping the organisation to ensure its security is responsive to changes within the swiftly-evolving threat landscape.
Value for money
In a recent survey, the company awarded Redscan 10 out of 10 for value for money and professional manner, and stated that it would be extremely likely to recommend Redscan to others.
“With so much organisational change, this is a time of incredible pressure on our small team. Partnering with Redscan is making it easier for us to address the security challenges of business consolidation.”
Head of IT Security
Global Plastics Manufacturer