Case Study: Rebuilding a Cybersecurity Program with Defensible Technology
Image by Pete Linforth through Pixabay


At A Glance

One of the largest global Operational Technology (OT) cybersecurity providers was faced with the challenge of rebuilding its cybersecurity program from the ground up after being acquired by a private equity firm. The experts at Defensible Technology were brought in to provide Virtual CISO (vCISO) services and ongoing vulnerability monitoring.

Thanks to Defensible, this client has a comprehensive and robust cybersecurity program that protects not only its internal assets, but all of the clients that the company serves within the critical infrastructure sector as well.

Client Overview

Headquartered in the Northeastern US, the Company primarily serves industries within the critical infrastructure sector, including utilities, oil and gas, chemical, transportation and logistics, pharmaceuticals, higher education, and healthcare, to name a few. It was the first OT cybersecurity provider in the market and, since its founding in 2006, has supported several of the largest critical infrastructure companies around the world, including 8 of the 10 largest utility companies in North America.

Critical infrastructure organizations have unique cybersecurity needs, with plants and endpoints spread across the globe, as well as systems and assets that often require 24/7 uptime. To meet the unique and demanding needs of cybersecurity and asset control within critical infrastructure environments, this Company offers software solutions with a management platform purpose-built to address the overlapping requirements of cybersecurity, compliance, and change management for industrial control systems (ICS).

Previously owned by Lockheed Martin and CapGemini, they were acquired by private equity in 2020.

Challenges

Post-acquisition, the Company faced the new challenge of re-establishing its own cybersecurity program from the ground up. This challenge was especially urgent because the Company had over a decade's worth of revenue stream and dozens of existing clients, and it could not afford to have cybersecurity vulnerabilities interrupt its operations or put its customers at risk. Additionally, as a software supplier for critical infrastructure organizations, it received numerous questionnaires and surveys from clients performing third-party vendor due diligence, and it needed to quickly realign its cybersecurity program standards so that all questionnaire responses accurately represented its internal cybersecurity program.

To fill the cybersecurity gaps created by their recent acquisition, the Company's leadership began the search for an outsourced team of cybersecurity experts and reached out to Defensible Technology based on trusted industry recommendations. Defensible was ultimately selected to help rebuild their cybersecurity program due to the company’s practical and client-centered approach to cybersecurity and cyber risk management.

Solution

In order to create and implement the policies and procedures needed to support the Company's internal security needs, as well as the associated needs of its clients, the Company partnered with Defensible in 2021 and utilized Defensible's CxO Advisory Services to rebuild their cybersecurity program and fortify their cyber defenses.

Many of the initial services provided by Defensible fell under the umbrella of the vCISO-as-a-Service offering and centered on strategizing and implementing a comprehensive security program. Defensible initially focused on three aspects of the Company's security program:

  1. Creating a baseline set of documents and internal standards;
  2. Updating questionnaire and survey responses to reflect new policies and governance approaches;
  3. Restructuring technical procedures.

Since the initial engagement in 2021, the partnership has evolved. Defensible now provides additional cybersecurity services that address technology operations and relationships with third-party information technology (IT) providers and vendors. It also advises on building security requirements into the design and development stages for all software products and on incorporating more customer-facing availability for cybersecurity concerns.

Results & Benefits

As a result of the partnership with Defensible, the Company was able to build a comprehensive and robust cybersecurity program with a number of supplemental benefits:

Improved documentation and organization

  • As an organization that operates within the cybersecurity space, the Company was already adhering to a number of industry best practices, especially in regard to security controls. However, some of these successful cybersecurity initiatives were not well documented as formal policies and procedures. While rebuilding the program, Defensible was able to properly document and operationalize all aspects of cybersecurity for the Company, from Human Resources operations all the way through software development. This holistic approach to documentation has made the effect of the Company's cybersecurity programs tangible across the entire organization.
  • Additionally, Defensible, as part of the efforts to create a baseline set of internal cybersecurity documents and an information security policy, created several core forms of documentation for policies and procedures; these documents included a set of standards for business continuity, a disaster recovery plan, and an incident response plan. With these new sets of documentation in place, the Company is well-equipped to not only prevent cyberattacks and incidents across their entire attack surface, but also effectively respond to and remediate any potential incidents that may occur in the future. With all of these new policies and procedures properly documented, the Company was also easily able to create new questionnaire and survey responses that serve as an accurate reflection of their cybersecurity program.

Fewer gaps in cybersecurity and managed services coverage

  • Defensible worked closely with the Company's selected managed service providers (MSPs), as well as other entities who provided IT security-related services, to identify what offerings were relevant to the Company’s newly rebuilt strategy, and to identify what gaps needed to be filled with in-house programs or procedures. This approach, which was specifically tailored to the Company’s unique IT and cybersecurity technology stack, allowed nothing to slip through the cracks or be unaccounted for.

Increased awareness of vulnerabilities

  • In addition to the cybersecurity program groundwork laid by Defensible at the beginning of the partnership, Defensible also conducts ongoing internal and external vulnerability scans, allowing for increased visibility of vulnerabilities across the organization’s entire attack surface. Defensible performs these recurring vulnerability scans and provides detailed monthly reports to keep the Company’s leaders up-to-date on the vulnerabilities present in all of the organization’s cyber environments.
  • Defensible also helps further protect the Company from potential cyberattacks by heading a security awareness training program for all Company employees, regardless of the department in which they work. One element of this program is internal threat testing; this can include crafting periodic messages that serve as a “phishing test,” sharing them across the organization to see if any employees click on a potentially dangerous link, and providing training to those who may be compromised by interacting with a real phishing email.

Why Defensible

Organizations that operate within the critical infrastructure sector, as well as many other industries, face a number of industry-specific cybersecurity challenges, requiring the attention and expertise of seasoned cybersecurity professionals. At Defensible, we take a client-centric approach and offer solutions and services based on your actual needs.

If you're facing challenges, or merely want a sanity check around your company's cyber readiness, reach out to the experts at [email protected] to see how we can partner towards helping you better secure your organization.
