The objective of the client was to improve the overall security posture of its infrastructure. The customer collaborated with Coforge to implement advanced security technologies in order to gain more insights about the looming threats to the organization and have defense mechanisms in place to protect the IT infrastructure from new emerging threats.
About the Client
The customer is one of the largest and oldest cement and building material company in Thailand and Southeast Asia.
The customer was looking for a vendor to define security roadmap for its organization based on the NIST and ISO27K1 standards to identify the gaps and implement the remediation accordingly. The infrastructure was spread across countries, the customer had visibility of the infrastructure and wanted the vendor to perform the asset discover and baselining as well. The customer had implemented basic security controls in its environment and was looking to implement advanced security controls to protect its IT infrastructure. In addition to these, the customer wanted the vendor to provide Threat and Vulnerability Management services.
With a customer-focused approach, Coforge was able to design and implement a solution catering to customer’s needs. The solution is described below:
- Alignment to customer’s security frameworks & policies for smooth transition and ongoing operations.
- Asset discovery exercise and asset categorization according to criticality, across customer’s environment.
- NIST assessment and compliance assessment in accordance with ISO 27001 and local data protection laws, identification of gaps and providing detailed report with suggested remediation.
- Establishing a 24x7x365 security operations, implementation of SIEM solution using Coforge’s SIMP framework.
- Leverage Coforge's i-DART service to provision integrated threat intelligence service.
- Deliver behavior based advanced threat detection capabilities and on-demand threat hunting services using Coforge’s i-DART service.
- Compliance testing of the environment to know the current patching posture of the environment and identify the scale of vulnerabilities for patching.
- Implementation of the robust Threat and Vulnerability Management program using Coforge’s MASTER framework.
- Enabling O365 adoption by defining and configuring policies for services like DLP, MFA etc.
- Define a phishing assessment and training program for security awareness.
Delivering more value:
- Single pane view showcasing security posture and risk.
- End-to-end visibility of the assets.
- Automate remediation of the OSP based incidents.
- Improvement of 0.5 point in NIST maturity level of the customer’s environment.
- Improvement of 60% in user awareness as a result of security training program based on Coforge PAT service.