No more sleepless nights for IT Director at wheel manufacturer following security overhaul


moveero is a global manufacturer of wheels for off-highway equipment in agriculture, construction, material handling, forestry, and mining, and also specialises in structural assemblies for the automotive market.
  
Headquartered in the US, moveero is a global company with manufacturing facilities in the US, UK and Denmark, and research and development centres in the US and Italy.


Charged with keeping the growing business safe from cyber threats, Global IT Director Faisal Jaffri found himself with a small team and a security strategy reliant on third-party support for threat detection and vulnerability management. His team was focused on the basics, such as patching and making sure antivirus software was up to date. Building out an internal team to monitor moveero’s environment for threats and respond when something is detected wasn’t a viable option.
  
“We didn’t have any threat detection capabilities, and we certainly didn’t have any playbooks or a model for how to respond to an attack if one occurred,” Jaffri said. “What kept me up at night was how do I know if we’ve been breached, and what would we do in the event of a breach. It would give me sleepless nights.”
  
When it came to managing vulnerabilities, moveero’s previous solution was difficult to configure and only allowed a point-in-time vulnerability assessment. The solution did not have a mechanism to continuously scan for vulnerabilities, or the ability to prioritise those vulnerabilities based on the level of risk posed.

Solution

Even if moveero possessed a security platform, Jaffri said his team could not scale to manage their security on their own. That led him to look for a solution combining technology – driven by advanced analytics and machine learning – with human intelligence from a team of security experts. Additionally, moveero wanted a vulnerability management solution that provided more than infrequent point-in-time assessments.

The Secureworks Taegis platform collects telemetry from all aspects of a customer’s environment, including endpoints, network, cloud, identity, and other business systems. Taegis ManagedXDR is a 24/7/365 managed detection and response (MDR) solution that delivers around-the-clock monitoring, threat detection and vast security expertise. Taegis VDR provides a risk-based approach to managing vulnerabilities, driven by automated and intelligent machine learning that enables optimization of remediation efforts based on actionable recommendations.

Jaffri studied research from third-party analysts and conducted an extensive RFP process to assess options. “In the grand scheme of things, in terms of looking at overall value, I felt the value we would gain from Secureworks would be greater than from anybody else,” he said.

The onboarding process for both solutions was easy, Jaffri recalled. “We did a small proof of concept just to make sure our team understood the solutions, then deployment across our entire environment occurred relatively quickly, in a matter of weeks and not months,” Jaffri said.

Benefits 

Shortly after onboarding Taegis ManagedXDR, the platform detected suspicious activity and generated an alert. Jaffri and his team worked with Secureworks to quickly investigate, discovering the activity was an approved action by a system administrator gaining remote access to a certain device.

“We would not have seen that activity,” Jaffri said. “We would not have known there was any behavior of that type occurring. The fact that it turned out benign is great, but the real impact is Taegis detected and identified that activity quickly, in the first few days we went live with the Secureworks solution. It just solidified the fact that we made the right decision.”

Beyond the superior detection and unmatched response of Taegis ManagedXDR, Jaffri said there are several areas of the solution that provide impactful value to moveero. Every Taegis ManagedXDR customer receives a monthly proactive threat hunt. Jaffri said the threat hunts are an activity that would be far outside the scope and capabilities of moveero, simply because of the level of expertise Secureworks threat hunters deliver through their vast knowledge of the global threat landscape.

“It’s something that we would never, ever have been able to do,” Jaffri said. “If we wanted any proactive threat hunting, we would have to find somebody who would take that on for us, and we would have to pay specifically for that threat hunt each time we want it. The way I look at it, we get at least 12 proactive threat hunts a year as part of Taegis ManagedXDR.”

Taegis ManagedXDR also provides customers with a quarterly security posture review. Delivered by a Secureworks Threat Engagement Manager, these reviews include discussions on observed activity in moveero’s environment, and steps Jaffri and his team can take to elevate the organisation’s security posture. moveero appreciates being assigned a Threat Engagement Manager, a designated resource who partners with a customer to help maximise value received from Secureworks solutions.

“It gives us a more detailed view of the threat landscape,” Jaffri said. “The Threat Engagement Manager gives us a summary of all the relevant information from the previous quarter, from the activity the Secureworks team observed in our environment, the investigations performed, and they direct us to the important stuff. We like to say we are trained up, in that we are able to have a proper, more in-depth discussion with our leadership about what we as an organisation should be doing.”

moveero also receives remote incident response services each quarter as part of Taegis ManagedXDR. Jaffri’s team used this aspect of the solution to fill a critical gap in the organisation’s security strategy by constructing an incident response plan.

“That was just an excellent experience,” Jaffri said. “The knowledge of the Secureworks incident response team, the information they provided, the support in creating the plan and running tabletop exercises with our executives. We now have our full executive team that’s bought into the incident response plan and their responsibilities in the plan.”

Taegis VDR provides moveero with visibility into their vulnerabilities and, more importantly, the guidance to determine which vulnerabilities should be addressed first. This saves the team time that previously would have been spent working out which vulnerabilities to fix first, or trying to remediate all vulnerabilities at once.

“Taking a more risk-based, contextualized approach has specifically allowed us to use our resources more effectively,” Jaffri said. “You're not chasing a seemingly critical vulnerability that actually doesn't have any impact on your business.” 

  
Taegis VDR has also allowed moveero to produce a vulnerability assessment report that can be shared with internal partners on the service desk, to ensure those vulnerabilities are addressed.
  
“The reporting platforms from both the ManagedXDR and the VDR perspective are really good,” Jaffri said. “They give me good, concise information from which I can make decisions and share with the executive team.”
  
The powerful combination of Taegis ManagedXDR and Taegis VDR has elevated moveero’s security posture to a level it could not achieve on its own, delivering Jaffri and the organisation confidence and peace of mind. “I don’t have to continually ask questions, check with the team, ask my team if they have noticed anything suspicious,” Jaffri said. “I don’t have to worry.”
