Mon, Apr 17, 2023
Building Cyber Resilience Amid Azure Migration
With ransomware increasing and a complex, business-critical cloud migration on the horizon, BSM, one of the world’s largest shipping companies, was seeking a solution to monitor its environment for potential threats, both now and in the future. Working with Kroll gives the company greater visibility across its global network of offices and ships to better detect and respond to threats. Teams within Kroll help BSM to navigate and deploy appropriate security controls and processes, which include those related to its Microsoft Security strategy, continuously monitoring systems using Kroll Responder managed detection and response, and ultimately building a more effective and resilient IT infrastructure while meeting compliance obligations.
Overview
Industry
- Shipping
Challenges
- Lack of threat visibility
- Legacy security information and event management (SIEM)
- Planned change to IT infrastructure
Kroll Services
- Kroll Responder MDR
- Penetration testing
- Vulnerability scanning
Impact
- 24/7 threat monitoring
- Enhanced threat visibility
- Improved vulnerability management
The Challenge
BSM was looking to build a long-term partnership with an experienced managed detection and response (MDR) provider. This was particularly important given the planned cloud migration to Microsoft Azure, which aimed to achieve a more centralized IT approach for both its primary and smaller offices, many of which were small maritime centers. BSM’s choice of provider was based on a range of criteria, including technical expertise, approach to threat detection and quality of customer references.
Kroll's Solution
The company recognized the value of Kroll Responder MDR in improving visibility across its infrastructure and the impact the service would have in driving a reduction in the meantime to detect and respond to threats. Kroll Responder’s global security operations center (SOC) professionals operate as a virtual extension of the team, providing the high-quality insight and mitigation guidance its IT team needs to respond to incidents whenever they arise.
To further ensure BSM’s security is as robust as possible, Kroll also conducts managed vulnerability scanning and CREST-accredited penetration testing to help identify and address vulnerabilities across its global infrastructure.
As a result of Kroll’s technology-agnostic approach and deep integration with vendors such as Microsoft, its security experts have helped BSM to migrate from a legacy SIEM to cloud-native security monitoring with Microsoft Sentinel. Kroll swiftly identifies and helps the IT team respond when threats arise, from phishing attempts that are prevented in collaboration with the Secure Email Gateway (SEG) vendor to stopping with fully-fledged ransomware attacks before detonation.
“The human factor is something I’m always looking for. I don’t want to talk with bots—I want to talk with people. This personal approach is something I noticed from my first engagement with Kroll, and it is still true today.” – Petros Andreou, Head of IT at BSM
The Impact
Enhanced Threat Visibility
The shipping company now has enhanced threat visibility across its global network of offices, ships and public cloud environments. Kroll uses the latest security intelligence to detect current and emerging threats and constantly tunes the underlying technology, included as part of Kroll Responder, to reduce false positives.
Swift Incident Response
Kroll provides the outcomes and actionable mitigation guidance needed to be able to quickly respond to incidents and significantly reduce the possibility of an attack. Incident information is shared securely via Kroll’s Redscan threat management platform. Kroll’s SOC teams thoroughly analyze and investigate every security alert received and, if the alert is deemed to be a genuine incident, use the Redscan threat management platform to notify the client, relay the incident’s priority level and supply the information needed to assist remediation.
Improved Vulnerability Management
For added security, Kroll offers its broader portfolio of solutions and support. For example, penetration testing engagements, conducted by Kroll’s team of CREST-certified experts and designed to identify and help address hidden vulnerabilities across the company’s infrastructure.
Professional Service
The level of service offered by Kroll continually gives BSM peace of mind. From the monthly service reports to personal engagement from both the technical and managerial teams, it is this collaboration that allows the tripart relationship between BSM, Microsoft and Kroll to work so seamlessly and be aligned for the future evolution of the security market and threat landscape.
Explore the extensive capabilities of Kroll Responder MDR for Microsoft.
Kroll Responder MDR
Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.
Penetration Testing Services
Validate your cyber defenses against real-world threats. Kroll’s world-class penetration testing services bring together front-line threat intelligence, thousands of hours of cyber security assessments completed each year and a team of certified cyber experts — the foundation for our sophisticated and scalable approach.
Threat Exposure and Validation
Proactively identify your highest-risk exposures and address key gaps in your security posture. As the No. 1 Incident Response provider, Kroll leverages frontline intelligence from 3000+ IR cases a year with adversary intel from deep and dark web sources to discover unknown exposures and validate defenses.
