Customer type
Freight forwarding and logistics company with 30 employees and a turnover of up to 200 million CZK.
What situation did he deal with
The customer has been using the services of the monitoring centre for a long time and uses various platforms for its applications, some strictly linked to the client’s foreign carrier systems. Management is deciding how to optimally set up data security measures while effectively setting cybersecurity spending, especially after last year’s DDoS attack and recurring ransomware.
What we helped with
After the initial analysis, we identified the systems according to criticality and importance that will be subject to the new setup. We created standards for a central security setting (hardening) for high security. We set security policy – technical and procedural regulations based on proven standards for other applications and objects of the internal and external network.
Due to the amount of technologies managed in this way, we proposed the deployment of a vulnerability management tool (VMS) that automated the control of compliance with the established security standards and we started to provide the customer with clear reporting of critical points of the complete IT infrastructure.
What the solution brought
The strategy eliminated the purchase of security tools and technologies that often caused conflicting effects in terms of confidentiality and data availability. The solution provided the customer with continuous monitoring of risk and threat status. We walked the customer through a situation in which he faced an attack and taught him how to proceed when anomalies were detected on monitored servers (operating system, databases, web servers, application servers) and HW devices (SCADA, hardware firewalls, WiFi access points, etc.).
Benefits of implementing information risk management
- Significant increase in the level of safety of partial operating systems
- Systems are secured at a high level according to international standards and our experience gained from many years of experience in the field of configuring cyber security systems
- Risks arising from existing vulnerabilities, configuration mismatches or ICT operations are identified and managed using manual and automated vulnerability management tools
