The better the question. The better the answer. The better the world works.

Case study: How a data centre services provider built robust cybersecurity using AI/ML

Data Centre Colocation service provider STT GDC India transformed cybersecurity with AI and ML by building a unified view of threats across its on-premise and cloud environments.


The better the question

How can a comprehensive view of threats improve cybersecurity?

STT GDC India wanted to detect and monitor cyber threats across its different system environments.

STT GDC India wanted to develop an effective cybersecurity strategy with highly mature threat detection and response capabilities. The company and EY partnered to conduct a gap assessment of its cybersecurity framework, which revealed multiple areas for improvement in cybersecurity policy. These areas were identified against benchmarks drawn from leading industry practices and security standards and guidelines such as ISO 27001 and NIST. The assessment identified the need to improve the following: security monitoring and operations, business continuity planning and disaster recovery, privacy, and data protection.

We needed a comprehensive, best-in-class cybersecurity platform that would consolidate information from multiple threat vectors – cloud, physical and virtual assets, network and endpoints – into a single pane to enable the monitoring team to run with maximum efficiency.
Information security executive
STT GDC India

While the company recognized a clear need to build a security operations centre, it found several drawbacks in existing market solutions that rendered them ineligible. The solution had to be tailored specifically to the company’s business and designed to mitigate threats from advanced and interactive attackers.


The better the answer

An AI/ML enabled solution to provide visibility and focus on real cyber threats was adopted

A comprehensive cross-environment single window view helped differentiate between real and false threats.

STT GDC India evaluated cybersecurity solutions from several providers but realized that its specific needs could only be met by a customized solution provider with proven capabilities in AI/ML. It selected EY’s Cognitive Capability Centre (CCC), a comprehensive security operations center (SOC) solution that can meet the company’s multi-faceted need for security across multiple threat environments and can provide a single-window view of the threat landscape across on-premise and cloud environments.

EY-CCC SOC collects useful data from the network, endpoint, cloud, container and virtualized attack vectors so that analysts can see the whole picture throughout the kill chain. Its AI abilities can dismiss false positives, allowing analysts to focus on real threats. The platform leverages machine learning technology to improve its detection and response capabilities over time.

EY-CCC Next Gen SOC is designed on the principle that cybersecurity is a product of constant vigilance rather than sporadic responses to cyber-attacks, which is why it scans for cyber threats in real time.

Core elements of EY-CCC security operations center solution

The digital age and the inherent connectivity of individuals, devices and organizations have opened a whole new playing field of cyber vulnerabilities. To counter emerging cyber-attacks, organizations need to be equipped with cybersecurity solutions that use AI/ML technologies, which not only provide conventional security but are also capable of behavioral detections.
Burgess Sam Cooper
Ernst & Young LLP Information and Cybersecurity Advisory Services Partner

The better the world works

Better monitoring reduced volume of threats and the time taken to detect them

EY-CCC Next Gen SOC solution improved monitoring and 24x7 support.

The EY-CCC Next Gen SOC solution provided STT GDC India with the right amount of support for managing security operations in a programmatic way. EY offers 24x7 security monitoring through its CCC Next Gen SOC solution, which provides Cognitive Threat Detection and Response, integrated with SOAR and Threat Intelligence.

Salient features of EY-CCC Next Gen SOC

STT GDC India was able to drive immediate improvements to its cyber defence posture using the EY-CCC Next Gen SOC capability. The following figure depicts how the company improved cybersecurity across different metrics.

Benefits realized from EY’s CCC security operations center solution

A 360-degree view of cybersecurity has helped us build a strong foundation using an integrated AI-based platform, and we look forward to strengthening it further. We thank the entire EY cybersecurity team for their support in this journey.
Milind Kulkarni
Vice President - Digital IT, STT GDC India

The solution offers a hybrid approach to security: onsite resources work within the client’s data center during business hours. They are complemented by a team of remote analysts who are available 24x7, 365 days a year. This service is provided from the EY-CCC SOC facility in Chennai.