Sophos > Case Studies > Leading Steel Company Reinforces Security

Leading Steel Company Reinforces Security

Technology Category

Cybersecurity & Privacy - Cloud Security
Functional Applications - Remote Monitoring & Control Systems

Applicable Functions

Business Operation

Use Cases

Cybersecurity

Services

Cybersecurity Services

The Challenge

Tata BlueScope Steel had advanced security protocols in place to address sophisticated threats. However, we believed that taking our eyes off the security posture was not an option, and a proactive approach to security was required. Our IT team had the necessary skills to manage security deployment but to continuously monitor the security installations qualified security professionals, who could act as an extension of our team, to deliver proactive SOC services were required.

The organization had also experienced multiple phishing incidents and addressing them was a key challenge. The pandemic meant that a large part of our workforce was working remotely, and this workforce was susceptible to attacks. Tata BlueScope wanted to extend security to employees working remotely and address the risk from zero-day attacks.

Log in to view content

The Customer

Tata BlueScope Steel

Log in to view content

About The Customer

Tata BlueScope Steel is a confluence of two global players in the steel industry namely Tata Steel and BlueScope Steel, Australia. The company offers best-in-class products including coated steel, steel building solutions, and related building products across Asia pacific region. The company wanted to expand visibility within its network and quickly identify security gaps, and incidents and remediate them. The organization was also aware that threats were becoming even more sophisticated and needed to be neutralized before they actively targeted Tata BlueScope Steel’s IT ecosystem.

Log in to view content

The Solution

The Sophos partner took through the defining features of Sophos Intercept X Advanced with XDR and MTR Standard and emphasized the need to move from the existing on-premise Sophos Endpoint solution to a cloud solution. The partner helped smoothen the implementation process with a thorough knowledge transfer to the team.

A combination of automated, lead-driven, and leadless threat hunting ensures no threat passes below the radar, and all threats are neutralized before they pose a problem. With lead-driven threat hunting, a manual, human-led identification and investigation process identifies new attacker behavior that is then addressed by the MTR ops team. Lead-less threat hunting combines threat intelligence, data science, and knowledge of attacker behavior with what’s known about Tata BlueScope Steel’s environment to anticipate new attacker behavior.

Log in to view content

Operational Impact

[Efficiency Improvement - Issue Response]
The company has reduced its threat response time dramatically
[Data Management - Cyber Security]
Has improved cybersecurity posture

Log in to view content

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Enel Secures Italian Power Generation Network

Electric energy operators around the world are working to increase the reliability and cyber resiliency of their systems. This includes Enel, a global power company that manages and monitors the Italian power grid. This grid:• Serves 31 million customers• Has a net installed energy capacity exceeding 31 gigawatts• Includes more than 500 power generation plants,including hydroelectric, thermoelectric, and wind• Is managed and monitored by Enel 24/7/365• Is operated by Terna, the Italian Transmission System Operator (TSO)Enel is responsible for the availability of the grid’s underlying ICS and industrial network. It also manages Regional Control Centers and Interconnection Centers which connect with the TSO. The TSO manages the flow of energy to the grid plus controls and remotely regulates the power generation of power plants, increasing and decreasing power production as required. The complex system of interaction and cooperation between Enel and the TSO has strong security implications as well as operational and business challenges.

Securing the Connected Car Ecosystem

In-vehicle communications and entertainment system hosts high-value or sensitive applications. API libraries facilitate communication and sharing of vehicle data. These API libraries are vulnerable to reverse engineering and tampering attacks and may even result in loss of passenger safety. Attackers can inject malware that may be able to migrate to other in-car networks such as the controller-area-network (CAN) bus which links to the vehicle’s critical systems. Software provided for dealers to interface with cars through the OBD2 port is vulnerable to reverse engineering and tampering attacks. Hackers may be able to abuse these tools to inject malicious code into the ECUs and CAN bus. Attackers can lift the cryptographic keys used, and use that to build their own rogue apps/software. Their cloned version of the original app/software may have altered functionality, and may intend to gain access to other in-car networks.

Secure and Cloud-based Data Marketplace

The great promise of new connected concepts of industry like 'Industry 4.0' is their ability to deliver a historically unparalleled level of responsiveness and flexibility. While modern supply chains are already heavily integrated and designed to be fluid and fast moving, a large swathe of manufacturing still remains beholden to economies of scale, large production runs, and careful preplanning.The Industrial Internet of Things (IIoT) is set to change this by allowing small-batch or even custom manufacturing on a truly industrial scale. With machines whose functions are not set in stone, but flexible and determined by their operating software and with a new form of connectivity bringing industrial engineers, product manufacturers, and end users closer together than ever before. Ad-hoc adjustments to automotive parts, for example, during active product runs or the bespoke manufacturing of custom sneakers become very viable options indeed.Much of this remains a theoretical vision, but IUNO, the German national reference project for IT security in Industry 4.0 demonstrates the new capabilities in action with a secure technology data marketplace running a smart drinks mixer.

OTA Software Updates for Smart Energy (gridX)

gridX has a requirement for over-the-air software updates for their gridBox devices and used the Yocto Project for their builds. The driver for the requirement was having the ability to quickly support new features, as well as deploying bug fixed and path known security vulnerabilities. New software updates with a US stick manually to all gridBox devices in the field would be prohibitively expensive and labor-intensive.

Expedia Hosted by 2lemetry Through AWS

Expedia is committed to continuous innovation, technology, and platform improvements to create a great experience for its customers. The Expedia Worldwide Engineering (EWE) organization supports all websites under the Expedia brand. Expedia began using Amazon Web Services (AWS) in 2010 to launch Expedia Suggest Service (ESS), a typeahead suggestion service that helps customers enter travel, search, and location information correctly. According to the company’s metrics, an error page is the main reason for site abandonment. Expedia wanted global users to find what they were looking for quickly and without errors. At the time, Expedia operated all its services from data centers in Chandler, AZ. The engineering team realized that they had to run ESS in locations physically close to customers to enable a quick and responsive service with minimal network latency.

Precision Wearable Biometrics Provider, Valencell, Selects Arxan to Protect Intellectual Property

Years of research and development were invested by the company into their biometric sensor technology. They wanted to ensure that their unique, patented intellectual property (IP) was not compromised or cloned through application attacks, such as reverse-engineering or code tampering. This was particularly important given the increased competitive pressures in the wearables market and the customer’s distribution model of working in partnership with consumer product manufacturers and potentially third party developers. Although patented and protected under NDA, the company’s code and IP could potentially be exposed during the sharing of their technology (in the form of an SDK/library) during integration as partners work to turn their wearable products into biometric wearables. The customer also required ease of use and flexibility such that their proprietary technology could first be easily protected and then be leveraged within another 3rd party application. As such, the solution needed to meet stringent resource consumption requirements of diverse mobile / IoT platforms.

© 2015-2023 IoT ONE Limited | Privacy Policy

Contact us

Let's talk!

Thank you for your message!
We will contact you soon.