Case Studies Major Energy Provider Chooses Deception Technology to Better Protect Critical Assets

Edit This Case Study Record

	Major Energy Provider Chooses Deception Technology to Better Protect Critical Assets

Major Energy Provider Chooses Deception Technology to Better Protect Critical Assets

Technology Category	Cybersecurity & Privacy - Intrusion Detection Cybersecurity & Privacy - Network Security Cybersecurity & Privacy - Security Compliance
Applicable Industries	Utilities
Applicable Functions	Business Operation Facility Management
Use Cases	Intrusion Detection Systems
Services	Cybersecurity Services System Integration Training
Challenge	Existing perimeter defenses were not providing adequate visibility into the organization’s complex network environment. Their environment was diverse, with systems and topologies unique to their business, such as SCADA systems and the typical user and datacenter spaces. Any solution needed to scale and be able to detect intruders in this diverse environment without adding excessive workload to the Information Security team. Read More
About Customer	The customer is a large public energy utility company that operates a complex and diverse network environment. This includes specialized systems like SCADA, as well as typical user and datacenter spaces. The company has a robust perimeter security system but recognized the need for enhanced internal network visibility to detect and respond to potential threats, including insider threats. The organization is proactive in its approach to cybersecurity, aiming to stay ahead of potential threats rather than reacting to incidents after they occur. The company has a dedicated Information Security team responsible for maintaining and improving their cybersecurity posture. Read More
Solution	The organization chose to implement the Attivo Networks® ThreatDefend™ platform, including BOTsink and Attivo Central Manager systems, to gain deeper and more comprehensive visibility into their network environment. The ability to clearly detect a breach and thwart an attacker early in the attack cycle were major driving forces behind their adoption of the Attivo solution. They are planning to add ThreatStrike and other ThreatDefend™ components in the future to further expand their active defense capabilities. The Attivo Networks® solution required no additional staffing. The organization found that their existing security team could easily deploy and maintain the solution without impacting their normal responsibilities, and integration with their existing security infrastructure gave improved visibility with minimal overhead. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Intrusion Detection

Cybersecurity & Privacy - Network Security

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Utilities

Applicable Functions

Business Operation

Facility Management

Use Cases

Intrusion Detection Systems

Services

Cybersecurity Services

System Integration

Training

Challenge

Existing perimeter defenses were not providing adequate visibility into the organization’s complex network environment. Their environment was diverse, with systems and topologies unique to their business, such as SCADA systems and the typical user and datacenter spaces. Any solution needed to scale and be able to detect intruders in this diverse environment without adding excessive workload to the Information Security team.

About Customer

The customer is a large public energy utility company that operates a complex and diverse network environment. This includes specialized systems like SCADA, as well as typical user and datacenter spaces. The company has a robust perimeter security system but recognized the need for enhanced internal network visibility to detect and respond to potential threats, including insider threats. The organization is proactive in its approach to cybersecurity, aiming to stay ahead of potential threats rather than reacting to incidents after they occur. The company has a dedicated Information Security team responsible for maintaining and improving their cybersecurity posture.

Solution

The organization chose to implement the Attivo Networks® ThreatDefend™ platform, including BOTsink and Attivo Central Manager systems, to gain deeper and more comprehensive visibility into their network environment. The ability to clearly detect a breach and thwart an attacker early in the attack cycle were major driving forces behind their adoption of the Attivo solution. They are planning to add ThreatStrike and other ThreatDefend™ components in the future to further expand their active defense capabilities. The Attivo Networks® solution required no additional staffing. The organization found that their existing security team could easily deploy and maintain the solution without impacting their normal responsibilities, and integration with their existing security infrastructure gave improved visibility with minimal overhead.

Impact #1	The organization added deception proactively to improve visibility and threat response capabilities, rather than in response to a security incident, putting them ahead of the curve.
Impact #2	The Attivo Networks® ThreatDefend™ platform includes native integrations with 3rd party security applications, enabling the organization to seamlessly mesh deception into their existing security infrastructure, feeding their SIEM and ticketing systems directly, improving efficiency and effectiveness.
Impact #3	The system has quickly identified existing misconfigurations and proven to be very effective in testing, leaving the organization confident they will be able to detect, and respond to, a sophisticated attack or insider threat.

Impact #1

The organization added deception proactively to improve visibility and threat response capabilities, rather than in response to a security incident, putting them ahead of the curve.

Impact #2

The Attivo Networks® ThreatDefend™ platform includes native integrations with 3rd party security applications, enabling the organization to seamlessly mesh deception into their existing security infrastructure, feeding their SIEM and ticketing systems directly, improving efficiency and effectiveness.

Impact #3

The system has quickly identified existing misconfigurations and proven to be very effective in testing, leaving the organization confident they will be able to detect, and respond to, a sophisticated attack or insider threat.

Benefit #1	The organization quickly discovered some misconfigurations and other issues in their environment, giving an almost immediate return on investment.

Benefit #1

The organization quickly discovered some misconfigurations and other issues in their environment, giving an almost immediate return on investment.

Download PDF Version

Overview

Major Energy Provider Chooses Deception Technology to Better Protect Critical Assets

Operational Impact

Quantitative Benefit