The company’s Russian operation was using the cybersecurity services of international providers.
Because of the new information security requirements prescribed by the company’s head office in Austria, the company faced the need to localize its cybersecurity services—particularly threat monitoring—and use Russian technology. This was the reason why the customer came to ICL Services.
Key Challenges
- Cut costs for the customer by outsourcing its non-core operations to external vendors under a cybersecurity service model.
- Connect the customer’s infrastructure to ICL SOCaaS, the cybersecurity incident detection system.
- Set up a 24/7 cyber threat monitoring and response service.
The ICL Services team suggested a pilot to demonstrate the capabilities of the incident detection system and facilitate a smooth transition.
Kaspersky KUMA, a SIEM-class security system by a Kaspersky Lab partner for centralized collection, analysis, and correlation of cybersecurity events, was selected as the core of the incident detection system. Unlike existing rival solutions, the ICL Services team connected the customer sites via SD-WAN technology.
The project was implemented in a way that allowed for scalability and the option to add new event sources going forward.
One of the project’s strengths was that it expanded the range of services provided by adding the Metascan external scanner, which has the option to run regular scans of external resources and promptly identify any vulnerabilities in web applications.
With the ICL SOCaaS service, the customer’s cybersecurity officers get an up-to-date picture of all infrastructure events by means of incident alerts and reporting.
The customer receives periodic reports detailing cyber threats detected, trends noted, the extent of event source coverage, action taken, and vulnerabilities, if any, on the external perimeter.
Products and technologies
- Kaspersky KUMA
Results
- 24/7 cyber threat monitoring was implemented and is continuing.
- The SOC as a Service model eliminated the need for capital expenditure.