Proactive Cyber Security Measures for a Global Shipping Company
- Infrastructure as a Service (IaaS) - Hybrid Cloud
- Infrastructure as a Service (IaaS) - Public Cloud
- Marine & Shipping
- National Security & Defense
- Logistics & Transportation
- Quality Assurance
- Intrusion Detection Systems
- Tamper Detection
- Cybersecurity Services
- Training
The case study revolves around a global shipping company, one of the largest in the world, with over 135 years of experience in the industry. The company manages around 600 vessels and employs 20,000 people on shore and at sea, through nine ship management centres worldwide. The company was aware of the potential damage cybercrime could inflict on its operations, finances, and reputation, especially after the NotPetya malware attack on Maersk in 2017. The company had some security controls in place, but these did not provide visibility across its complete hybrid cloud infrastructure, including Office 365. They also lacked confidence that attacks would be identified quickly enough to minimise potential damage and disruption. With a relatively small number of IT specialists for its size, the company sought a third party to help with day-to-day threat detection, enable a more proactive approach to cyber security, and mitigate future security risks. They also needed to ensure that appropriate controls and processes were in place to meet all its data protection obligations, including the ability to detect and report breaches in line with the GDPR.
The customer is a global shipping company, one of the largest in the world with over 135 years of experience in the industry. The company provides integrated maritime solutions through nine ship management centres worldwide and manages around 600 vessels. It employs 20,000 people on shore and at sea. The company operates a globally dispersed network and a hybrid infrastructure, with strict compliance responsibilities. It was looking for a solution to enhance its cyber security measures, particularly in relation to the detection of ransomware, and to ensure that appropriate controls and processes were in place to meet its compliance obligations.
The shipping company decided to build a long-term partnership with a top-tier Managed Detection and Response (MDR) provider, Redscan. The decision was based on a range of criteria, including technical expertise, approach to threat detection, and quality of customer references. Redscan's Managed Detection and Response service provided the people, technology, and intelligence the company needed to identify and respond to both current and emerging cyber threats, 24/7. The company recognised the value of MDR in improving visibility across its infrastructure and the impact the service would have in driving a reduction in the mean time to detect and respond to threats. Redscan's Security Operations Centre (SOC) professionals operate as a virtual extension of the team, providing high-quality insight and mitigation guidance. To ensure robust security, Redscan also conducts managed vulnerability scanning and CREST-accredited penetration testing to help identify and address vulnerabilities across its global infrastructure.