实例探究 > Major Sports Organization Protects Critical Infrastructure With Deception Technology

Major Sports Organization Protects Critical Infrastructure With Deception Technology

公司规模
Large Corporate
地区
  • America
国家
  • United States
产品
  • ThreatDefend Deception and Response Platform
  • ThreatDefend BOTsink engagement server
技术栈
  • Deception Technology
  • ICS-SCADA Network Monitoring
实施规模
  • Enterprise-wide Deployment
影响指标
  • Productivity Improvements
  • Customer Satisfaction
  • Employee Satisfaction
技术
  • 网络安全和隐私 - 入侵检测
  • 网络安全和隐私 - 网络安全
适用行业
  • 安全与公共安全
  • 电信
适用功能
  • 设施管理
  • 商业运营
用例
  • 入侵检测系统
  • 远程资产管理
服务
  • 系统集成
  • 网络安全服务
关于客户
A major league sports organization faced significant cybersecurity challenges, particularly concerning their ICS-SCADA network. This organization hosts large sporting events that are televised live, making network security paramount to ensure uninterrupted operations and the safety of attendees. The infosec team was under-resourced, lacking the headcount, budget, and infrastructure to deploy and maintain a wide array of prevention tools. They needed a solution that provided visibility into their network, identified misconfigurations, and offered actionable alerts without generating a large volume of false positives. The organization was particularly concerned about potential attacks that could shut down and lock their ICS systems, posing serious risks to both operations and human safety.
挑战
The organization was mainly concerned about security threats to their SCADA network. In particular, the infosec team was most concerned about an attack that could work to shut down and lock their ICS systems – putting people in danger and potentially causing serious bodily harm. They did not have the resources (headcount, budget, infrastructure) to deploy and maintain a wide array of prevention tools to protect their network from outside threats. Additionally, ICS devices are not always easily patched or enabled to run antivirus solutions. They needed to know exactly where the weaknesses in their network were so that they could focus their resources on fixing the specific areas that needed attention. Furthermore, the infosec team knew that there were multiple misconfigurations in their network, but had little idea as to where those misconfigurations were or what needed to be done to fix them.
解决方案
The team set up the Attivo ThreatDefend™ Deception Platform within their network to gain unique visibility into their environment. Once deployed, the Attivo solution alerted the team to several misconfigurations in the network that represented significant weaknesses. The infosec team discovered a lot of activity on their network that they had not previously been aware of. Initially concerned about false positives, further investigation revealed that the alerts were real, substantiated, and actionable in a way that their other devices could not achieve. The ThreatDefend BOTsink engagement server also raised alerts on activities that had completely bypassed their prevention devices. This allowed the team to detect early inside-the-network threats and respond more efficiently.
运营影响
  • The infosec team gained significantly more visibility into their network without the need to add resources.
  • The team no longer wasted time chasing false positives and unsubstantiated incidents, allowing them to focus on real threats.
  • High fidelity alerts from the ThreatDefend platform greatly lowered the time-to-discovery and time-to-response on threats, saving the team hours if not days.
  • By catching previously invisible threats, the team could better protect their network from attacks that could cause serious harm or communication outages.
  • The organization was able to identify and quarantine a malicious actor in the initial stages of an attack, preventing further spread and potential damage.
数量效益
  • The organization has now deployed the ThreatDefend Deception Platform into multiple stadiums across the United States.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

联系我们

欢迎与我们交流!
* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

感谢您的信息!
我们会很快与你取得联系。