Intelligent CISO Issue 40 | Page 51

COVER STORY

Andreas Schneider, Group CISO at TX Group, tells us how the Swiss media company required a threat detection technology that could secure its Zero Trust deployment and, more importantly, take automated responses. The organisation was looking for a simple and modern solution that could be primarily operated centrally, but also decentralised for those who require it, and it found this in Cybereason.

TX GROUP IMPLEMENTS CYBEREASON SOLUTION TO ACHIEVE ITS CYBERSECURITY VISION

The challenge

Andreas Schneider, Group CISO at TX Group, is tackling one of the greatest unsolved problems in cybersecurity today: ‘How can we thoughtfully automate our security team?’
This is a tall order, especially in light of our ever-evolving world. The pandemic has not only changed the face of remote work, but has forced nearly every company today to re-evaluate their development, IT and security strategies. Adversaries are launching more attacks with automation and have become ruthless with data theft and extortion to achieve ransom demands.
Since 2018, TX Group has worked to be a cloud-first company, adopting a Zero Trust framework and an agile security strategy. This means that instead of a hardened perimeter with firewalls and VPN, users should be able to access all of their business applications from any device, any time and anywhere.
In order to secure a work anywhere environment, Schneider wanted a solution that not only provided direct visibility into global endpoints, but could monitor and understand access to critical applications across cloud and on-premises. For example, if an unknown or Bring Your Own Device (BYOD) is being used to access an application, always require Two-Factor Authentication (2FA). Or, if malicious operations have been detected on an asset, automatically limit the associated user’s access to critical applications.
In the past, Schneider and his team had used multiple Security Information and Event Management (SIEM) tools. The data lake approach didn’t meet the company’s needs: there were visibility blind spots, manual work when reconciling events and there wasn’t a reduction in Mean Time to Respond (MTTR). TX Group didn’t want to centralise log data in a single place — it wanted a threat detection technology that could secure its Zero Trust deployment and more importantly, take automated responses.
The solution
Since 2018, TX Group has looked to Cybereason EDR to protect Windows, Mac and Linux endpoints across the company and its subsidiaries. Cybereason was originally chosen for its flexible support for on-premises and air-gapped environments, strong pre-