SOC Modernization for a Leading Canadian Energy Provider
Customer:
Leading Canadian Energy Provider
Organization size:
1000+ employees
Industry:
Utility
ISA Cybersecurity Service:
Managed Security Services
Solution:
Managed SIEM
- Security Challenges
- Identify the crown jewels, digital assets, and applications that need to be managed and monitored from a cybersecurity perspective
- Gain understanding of ERP and SAP requirements in relation to security controls
- Manage a wide array of IT and IoT industrial controls in a demanding SIEM environment
- Key Results
- ISA Cybersecurity now serves as an extension of the customer’s IT security team, reducing cost and recruitment burdens while providing outstanding service and cybersecurity insight
- Maximized customer’s investment in SIEM solution and other cybersecurity solutions
- Improved cybersecurity program maturity, governance, and audit posture
- Superior incident response and crisis management capabilities
- Customer’s confidence in ISA Cybersecurity’s support freed up time and resources for further IT transformation
Business Benefits
managed services & SOLUTION optimization
- Seamless system upgrade to current version and patch level including expert customization of SIEM solution detection capabilities to reflect the customer’s unique environment.
- Assisted customer with a top-to-bottom business criticality assessment, identifying essential assets, identities, and processes to be protected. Critical assets now receive focused monitoring and attention relative to the business and operational risk.
- Provide round-the-clock monitoring of SIEM operational health (uptime, performance, excessive log events, etc.) to ensure high availability and optimal performance.
- Implemented secure and direct access to customer controls to enable triage and investigative processes to isolate root cause and provide specific and actionable risk-based recommendations.
superior incident response & Improved security maturity and governance
- Implemented and customized an extensive library of “use cases” to develop a robust incident response program, orchestrating rapid response to potential cyber-attacks, security incidents, or unplanned system events.
- Reduced impact on the customer’s resources by performing control-specific analysis, triage and first response reporting.
- Developed a roadmap to illustrate what the customer’s overall cybersecurity program can help them achieve.
- Provided additional insights on all in-scope managed devices and technologies – including firewalls, SIEM, and EDR – to help maximize the value of every cybersecurity investment dollar.