Intelligent CISO Issue 19 | Page 53

COVER STORY

While SentinelOne’s solution was an immediate contender, it was only when it caught 28 out of 29 ransomware attacks during a simulated proof of concept trial that the Racing Post was completely won over. Once deployed, SentinelOne’s cloud solution gave the Racing Post the ability to manage and oversee its entire security across all platforms via a central dashboard.

“After installation my team ran a simulation to test the new system, unbeknown to me,” said Pieterse. “Moments later my inbox began flooding with emails saying which machines had viruses and how SentinelOne was quarantining the problem in real time.

“My initial fright turned to confidence that we really were safe in SentinelOne’s hands as I got continuous messages assuring me the problem was being dealt with. We haven’t had that luxury with previous vendors and have usually only become aware of a problem as we discovered it, not via the anti-virus.”

“Our goals were to totally automate our processes, ideally working with a partner that truly felt like an extension of our team. We found that partner in SentinelOne,” added Pieterse.

Intelligent CISO spoke to Pieterse to find out more about the implementation.

What digitalisation processes has the organisation undergone and what security challenges have these created?

Going from a traditional print title into digital, we had to complete the journey of moving from on premise data centres to the cloud. The natural concern is always security – we were moving from an on-prem data centre service which we installed, managed and controlled, into the ether where we have no idea what's actually happening. We embraced that process and reviewed what we wanted to do, how we wanted to do it, how we could improve things, how we could be more cost effective and efficient, and then we took it step by step, making sure we were secured by design at heart.

Are there any particular threats facing organisations like yourself?

I think generally you have malicious actors on a daily basis who try to see if they can find vulnerabilities with the aim of attacking your site. I don’t think there is anything specific to us – it’s about asking whether you have a good security hygiene and ensuring all the bases are covered. You are never going to be 100% protected but it’s about staying on top of that and using your resources as effectively and efficiently as you can. And if something does happen and you’re aware it’s happening then you can do something about it.

Why did you select SentinelOne?

We came up for renewal with our existing anti-virus vendor and I wanted to do a proof of concept with SentinelOne. But the thing we couldn't test properly initially was ransomware, until my team found a site which allows you to simulate 29 different ransomware vector attacks. The existing vendor only picked up one out of 29. The SentinelOne product picked up 28 of 29. I was also concerned about installation as we hadn’t had a very good experience with the previous one. But with the help of SentinelOne it was actually a very nice streamlined process. Immediately we started seeing a reduction of incidents reported to the helpdesk. Previously there would have been a number of incidents that the helpdesk had to go and service due to anti-virus causing problems or conflicts etc. Since SentinelOne, that’s stopped. The other thing I like about SentinelOne is that, during this period, we had some mergers and acquisitions and it was a very nice, easy process to go and roll the product out to other group companies. It made my life much easier with acquisitions, where in the past with previous anti-virus, it would have been a real pain to get that rolled out.

How far would you say the system has future-proofed the organisation?

The beauty of SentinelOne is that it just sits in the background and does its job without hard maintenance. I now have the confidence that my estate is protected whereas I didn’t have the confidence in the past.

What best practice approach should other CISOs take to find the right endpoint security solution for them?

Don’t just look at the cost, look at the full benefit package. Don’t just go for the cheapest anti-virus to tick the box because it's not as simple as that. Cheap might be very expensive later.