Synopsis
The objective of the customer was to improve the overall security posture of their infrastructure. The customer collaborated with Coforge to implement advanced security technologies in order to gain more insights about the looming threats and have defense mechanisms in place to protect the IT infrastructure from new emerging threats.
About the Client
The customer is one of the largest and oldest cement and building material company in Thailand and Southeast Asia.
Business Challenge
Customer wanted a vendor who would define security roadmap for its organization based on the NIST and ISO27K1 standards and be end-to-end accountable for enterprise security. The vendor was required to identify gaps and suggest/implement remediations accordingly. Customer’s infrastructure was spread across countries with no clear visibility. They wanted the vendor to perform asset discovery and baselining as well. Customer had implemented basic security controls in its environment and was looking forward to implement advanced security controls to protect the IT infrastructure. In addition, the customer wanted the vendor to provide Threat and Vulnerability Management services.
Our Solution
With a customer-focused approach, Coforge was able to design and implement a solution catering to the customer’s needs. The solution is described below:
- Established a 24x7x365 security operations center with implementation of SIEM solution using Coforge’s SIMP framework and integrated threat intelligence services to provide behavior-based advanced threat detection capabilities and on-demand threat-hunting services
- Aligned to the customer’s security frameworks and policies for smooth transition and ongoing operations
- Performed asset discovery exercise and asset categorization across the customer’s environment, according to criticality.
- Conducted NIST assessment and compliance assessment in accordance with ISO 27001 and local data protection laws; identified gaps and provided a detailed report to the customer with suggested remediations
- Conducted compliance testing of the environment to know the current patching posture and identify the scale of vulnerabilities for patching
- Implemented a robust Threat and Vulnerability Management program using Coforge’s Master framework
- Secured customer’s O365 adoption by defining and configuring policies and integrating services with DLP, MFA, etc.
- Implemented a phishing assessment and training program for proactive assessment
Delivering More Value
- Single-pane of view showcasing security posture and risk
- End-to-end visibility of the assets
- Automated remediation of OSP-based incidents
- Improvement of 0.5 point in NIST maturity level of the customer’s environment
- Improvement of 60% in user awareness as a result of security training program based on Coforge’s PAT service
