Download PDF
Case Studies > Major Energy Provider Chooses Deception Technology to Better Protect Critical Assets

Major Energy Provider Chooses Deception Technology to Better Protect Critical Assets

Technology Category
  • Cybersecurity & Privacy - Intrusion Detection
  • Cybersecurity & Privacy - Network Security
  • Cybersecurity & Privacy - Security Compliance
Applicable Industries
  • Utilities
Applicable Functions
  • Facility Management
  • Business Operation
Use Cases
  • Intrusion Detection Systems
Services
  • Cybersecurity Services
  • System Integration
  • Training
The Challenge
Existing perimeter defenses were not providing adequate visibility into the organization’s complex network environment. Their environment was diverse, with systems and topologies unique to their business, such as SCADA systems and the typical user and datacenter spaces. Any solution needed to scale and be able to detect intruders in this diverse environment without adding excessive workload to the Information Security team.
About The Customer
The customer is a large public energy utility company that operates a complex and diverse network environment. This includes specialized systems like SCADA, as well as typical user and datacenter spaces. The company has a robust perimeter security system but recognized the need for enhanced internal network visibility to detect and respond to potential threats, including insider threats. The organization is proactive in its approach to cybersecurity, aiming to stay ahead of potential threats rather than reacting to incidents after they occur. The company has a dedicated Information Security team responsible for maintaining and improving their cybersecurity posture.
The Solution
The organization chose to implement the Attivo Networks® ThreatDefend™ platform, including BOTsink and Attivo Central Manager systems, to gain deeper and more comprehensive visibility into their network environment. The ability to clearly detect a breach and thwart an attacker early in the attack cycle were major driving forces behind their adoption of the Attivo solution. They are planning to add ThreatStrike and other ThreatDefend™ components in the future to further expand their active defense capabilities. The Attivo Networks® solution required no additional staffing. The organization found that their existing security team could easily deploy and maintain the solution without impacting their normal responsibilities, and integration with their existing security infrastructure gave improved visibility with minimal overhead.
Operational Impact
  • The organization added deception proactively to improve visibility and threat response capabilities, rather than in response to a security incident, putting them ahead of the curve.
  • The Attivo Networks® ThreatDefend™ platform includes native integrations with 3rd party security applications, enabling the organization to seamlessly mesh deception into their existing security infrastructure, feeding their SIEM and ticketing systems directly, improving efficiency and effectiveness.
  • The system has quickly identified existing misconfigurations and proven to be very effective in testing, leaving the organization confident they will be able to detect, and respond to, a sophisticated attack or insider threat.
Quantitative Benefit
  • The organization quickly discovered some misconfigurations and other issues in their environment, giving an almost immediate return on investment.

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.