Case Study
UST helped global transportation company automate 70-80% of L1 SOC activities
OUR CLIENT
Founded more than a century ago, this European freight transport and logistics company is one of the largest public companies in the world. With operations in 130 countries and over 100,000 employees, the company generates approximately $75 billion in annual revenue.
CHALLENGE
Automating and optimizing cybersecurity processes
The company’s security operations center (SOC) relied on manual processes to monitor and respond to security issues. Cybersecurity leaders wanted to introduce more efficient, automated processes to reduce the mean time to respond (MTTR) and resolve incidents. The global logistics company wanted to partner with a managed security services provider (MSSP) that could:
- Provide 24x7 coverage for level 1 (L1) SOC activities - supporting all aspects of security operations and augmenting the capabilities of the company’s existing security team
- Offer a more transparent approach to security - to replace the black box testing method of its incumbent security vendor
- Leverage existing tools and technologies - to keep costs in check
- Implement measurable KPIs - to understand the effectiveness of the MSSP engagement and continually optimize security operations
TRANSFORMATION
Using MSSP oversight and automations to improve operations
The multinational transportation and logistics company selected CyberProof, a UST company, as its MSSP to deliver fully managed security event monitoring capabilities. CyberProof developed a flexible, scalable security analytics and SOC monitoring solution that integrated the CyberProof Defense Center (CDC) platform with Microsoft Azure Sentinel.
The CDC platform provides the company’s security team with an automated, collaborative environment to monitor and respond to security threats using enriched alerts and robust reporting. Meanwhile, Azure Sentinel provides an intelligent security information and event management (SIEM) solution. CyberProof security experts also provide around-the-clock security event monitoring, event enrichment, and triage following customized threat detection rules, use cases, and digital playbooks.
IMPACT
Eliminating up to 80% of manual tasks helped cut SOC costs by 40%
The client hailed the solution. The company’s Head of Cyber Defense said, “CyberProof’s solution provided us with dramatically improved MTTR, thereby reducing the level of risk and minimizing impact. CyberProof’s virtual analyst, SeeMo, contributed to their ability to reduce human efforts and cut costs.”
The company has achieved these benefits:
- Automated 70-80% of L1 activities - with alerts; orchestrated triage, investigation, and response activities; and our use case catalog, a library of customized use case kits consisting of prevention controls, detection rules, and response playbooks
- Reduced SOC costs by 40% - thanks to the MSSP engagement; the automated, integrated CDC-Azure Sentinel solution; and cloud-native tools
- Improved security visibility - by expanding the company’s cloud environment monitoring with the Azure Sentinel SIEM
- Increased collaboration and transparency - with full visibility and control over SOC operations
RESOURCES
https://www.ust.com/en/what-we-do/digital-transformation/automation