Vectra, the network detection and response solutions provider, has announced that Ardagh Group selected the Cognito network detection and response platform from Vectra to expose attackers hidden inside its network and perform conclusive incident investigations.
Ardagh Group makes metal and glass packaging for the world’s biggest brands, producing 35 billion containers a year for food, beverages, spirits and pharmaceuticals.
Trade secrets, intellectual property, human resources and financial payment data make manufacturers like Ardagh Group a lucrative target for cybercriminals. “Rerouting a single invoice between us and our customer could result in the loss of millions of euros. It’s not surprising that every attack we’ve seen involved an attempt to steal,” said David Whelan, group IT director at Ardagh Group.
With 100 manufacturing facilities in 22 countries, the manufacturer needed clear visibility into in-progress attacks that have slipped past its well-crafted defences. Ardagh Group uses Cognito to expose attackers hidden in data centre workloads and user and IoT devices across its global operations.
“Cognito opened our eyes to attacker behaviours in our network that we would not have otherwise seen,” said Whelan.
Cognito accelerates threat detection and investigation using sophisticated AI to collect, store and enrich network metadata, giving IT leaders at Ardagh the right context to detect, hunt and investigate known and unknown threats at scale.
“Cognito offers a better way of identifying if an attacker got past Stage 1,” said Whelan. “If someone is determined to get in, they will. But with Cognito, we can stop threats before they cause damage.”
Ardagh Group has a strong history of data privacy, and Cognito enables the company to protect its assets while complying the European Union General Data Protection Regulation, European Works Council, and other laws. Cognito extracts metadata from packets, rather than performing deep packet inspection, which enables protection without prying and without performance penalties associated with deep packet inspection.