Protecting a global shipping business against ransomware
One of the world’s largest shipping companies wanted to become more proactive in its approach to cyber security, particularly in relation to the detection of ransomware. Working with Redscan gives the company greater visibility across its global network of offices and ships to better detect and respond to threats when they arise and ensures that appropriate controls and processes are in place to meet its compliance obligations.
- Globally dispersed network
- Hybrid infrastructure
- Strict compliance responsibilities
This organisation is one of the world’s largest shipping companies, with more than 135 years in the industry. The company provides integrated maritime solutions through nine ship management centres worldwide and manages around 600 vessels, with 20,000 employees on shore and at sea.
Following the NotPetya malware attack which affected three of shipping giant Maersk’s global businesses in 2017, the team were only too aware of the damage that cybercrime could inflict on its operations, finances and reputation. The NotPetya attack spread throughout Maersk’s IT operations, forcing it to undertake a complete reinstallation of its infrastructure, including 4,000 servers and 45,000 PCs, and costing it $300m USD.
While the organisation had some security controls in place to support threat detection, these did not provide visibility across its complete hybrid cloud infrastructure, encompassing Office 365. Nor did they provide confidence that attacks would be identified quickly enough to minimise potential damage and disruption.
With only a relatively small number of IT specialists for its size, the company wanted to identify a third party to help alleviate the demands of day-to-day threat detection, enable it to be more proactive in its approach to cyber security and mitigate future security risks. They also needed to ensure that appropriate controls and processes were in place to meet all its data protection obligations, including the ability to detect and report breaches in line with the GDPR.
- Long-term partnership
- Comprehensive security monitoring
- Addressing threats 24/7
The business was looking to build a long-term partnership with a top tier MDR provider. Its choice was based on a range of criteria, including technical expertise, approach to threat detection and quality of customer references. After spending some time identifying the security partner that would best meet its requirements, the shipping company selected Redscan and its Managed Detection and Response service. It was also impressed by the personal touch that the Redscan team demonstrated in proposing a solution that would best meet its threat detection requirements.
The Head of IT says:
“Redscan was the company which met all the criteria we had in mind. I always pay attention to personal relationships with potential partners. Right from the start, I had an Account Manager working with me helping me to identify the best solution for our needs and providing the information I needed to make my decision.”
While the personal aspect was an essential part of its decision to work with Redscan, so too was the turnkey nature of the service – which supplies the people, technology and intelligence the company needs to identify and respond to both current and emerging cyber threats, 24/7.
The company recognised the value of MDR in improving visibility across its infrastructure and the impact the service would have in driving a reduction in the mean time to detect and the mean time to respond to threats. Our Security Operations Centre (SOC) professionals operate as a virtual extension of the team, providing the high-quality insight and mitigation guidance its IT team need to respond to incidents whenever they arise.
To ensure that the organisation’s security is as robust as possible, Redscan also conducts managed vulnerability scanning and CREST-accredited penetration testing to help identify and address vulnerabilities across its global infrastructure.
The Head of IT adds:
“The human factor is something I’m always looking for. I don’t want to talk with bots – I want to talk with people. This personal approach is something I noticed from my first engagement with Redscan and it is still true today.”