The Challenge
Increased risk of cyber threats
- Flat network across multiple factories, where communications between IT and OT devices are unmonitored and unidentifiable due to inadequate monitoring measures
- Absence of a robust cybersecurity and governance policy for their OT platform
- Inability to discover OT assets and inadequate visibility on OT devices, processes and communication
- Insufficient security monitoring and absence of real-time risk insights of OT devices
- Lack of integration between security solutions and Security Information and Event Management (SIEM) system
The Objective
Real-time insight into OT device risk
Our client wanted to improve their resilience against current and future threats.
- Identification of assets that are connected to the OT network
- Vulnerability management of OT assets and the OT network
- Real-time risk insights of OT devices
- Advanced and granular protection against cybersecurity threats
- Seamless integration between security solutions and SIEM
The Solution
Integration of an advanced threat detection tool
HCLTech's Cybersecurity team leveraged our 360° SecureOT framework to develop a customized end-to-end cybersecurity and governance program. The solution included:
- Deployment of network monitoring sensors across multiple locations, centrally managed through cloud
- Identification of assets connected to the network with parameters such as IP address, MAC address, hostname, protocols observed in communication, OS, model, firmware, etc.
- Utilization of an advanced threat detection tool to enhance security for all operational technology devices
- Integration of the threat detection tool with the existing IT SIEM solution for comprehensive cybersecurity incident monitoring
The Impact
Effectively managing 7,000+ endpoint assets
In partnership with our client, we created a robust security plan to fortify their OT network resilience using a risk-based approach. The roadmap emphasized aligning people, processes and technology for enhanced cybersecurity.
- Achieved system visibility across 58 locations through 108 network sensors
- Streamlined discovery and profiling of 22,000+ connected devices in OT environments
- Centralized security monitoring for real-time risk insights across all sites
- Managed 7,000+ endpoint assets with Microsoft Defender for Cloud Applications
- Enabled proactive protection against OT/IT security incidents