The better the question
How can a comprehensive view of threats improve cybersecurity?
STT GDC India wanted to detect and monitor cyber threats across its different system environments.
STT GDC India wanted to develop an effective cybersecurity strategy with highly mature threat detection and response capabilities. The company and EY partnered to conduct a gap assessment of its cybersecurity framework, which revealed multiple areas for improvement in cybersecurity policy. These areas were identified against benchmarks drawn from leading industry practices and from security standards and guidelines such as ISO27001 and NIST. The assessment identified the need to improve the following: security monitoring and operations, business continuity planning and disaster recovery, privacy, and data protection.
We needed a comprehensive, best-in-class cybersecurity platform that would consolidate information from multiple threat vectors – cloud, physical and virtual assets, network and endpoints – into a single pane to enable the monitoring team to run with maximum efficiency.
While the company recognized a clear need to build a security operations centre, it found several drawbacks in existing market solutions that rendered them ineligible. The solution had to be tailored specifically to the company’s business and designed to mitigate threats from advanced and interactive attackers.
The better the answer
An AI/ML-enabled solution was adopted to provide visibility and focus on real cyber threats
A comprehensive cross-environment single window view helped differentiate between real and false threats.
STT GDC India evaluated cybersecurity solutions from several providers but realized that its specific needs could only be met by a customized solution provider with proven capabilities in AI/ML. It selected EY’s Cognitive Capability Centre (CCC), a comprehensive security operations center (SOC) solution, which can meet the company’s multi-faceted need for security across multiple threat environments and provide a single-window view of the threat landscape across on-premises and cloud environments.
EY-CCC SOC collects useful data from the network, endpoint, cloud, container and virtualized attack vectors so that analysts can see the whole picture throughout the kill chain. Its AI abilities can dismiss false positives, allowing analysts to focus on real threats. The platform leverages machine learning technology to improve its detection and response capabilities over time.
EY-CCC Next Gen SOC is designed on the principle that cybersecurity is a product of constant vigilance rather than sporadic responses to cyber-attacks, which is why it conducts real-time scanning for cyber threats.
The digital age and the inherent connectivity of individuals, devices and organizations have opened a whole new playing field of cyber vulnerabilities. To counter emerging cyber-attacks, organizations need to be equipped with cybersecurity solutions that use AI/ML technologies, which not only provide conventional security but are also capable of behavioral detections.
The better the world works
Better monitoring reduced the volume of threats and the time taken to detect them
The EY-CCC Next Gen SOC solution improved monitoring and 24x7 support.
The EY-CCC Next Gen SOC solution provided STT GDC India with the right amount of support for managing security operations in a programmatic way. EY offers 24x7 security monitoring through its CCC Next Gen SOC solution, which provides Cognitive Threat Detection and Response, integrated with SOAR and Threat Intelligence.
STT GDC India was able to drive immediate improvements to its cyber defence posture, using EY-CCC Next Gen SOC capability. The following figure depicts how the company improved cybersecurity across different metrics.
A 360-degree view of cybersecurity has helped us build a strong foundation using an integrated AI-based platform, and we look forward to strengthening the same further. We thank the entire EY cybersecurity team for their support in this journey.
The solution offers a hybrid approach to security: an onsite resource works within the client’s data center during business hours. The onsite resource is complemented by a team of remote analysts who are available 24x7 and 365 days a year. This service is provided from the EY-CCC SOC facility at Chennai.