Intelligent CISO Issue 44 | Page 52

COVER STORY
The result
To eliminate identity risks , this customer leveraged automatic analytics based on Sonrai Dig ’ s resource graph . The IAM data collected across all World Fuel Services AWS accounts and Azure subscriptions by Dig were compiled into a normalised graph data model that quickly surfaced complex IAM and data relationships across all cloud identities . Unlike many solutions that only show singular IAM relationships ( e . g . a role with EC2FullAccess or an owner of a subscription ), Sonrai Dig connected the dots to show all relationships in a single picture and uncovered hidden risks . Excessive privilege risks can be eliminated and ‘ least privilege ’ enforced .
The impact of automation has been stunning . Sonrai Dig organised analysis , alerts and actions for environments into approximately 40 ‘ swim lane ’ – automatically directing issues to the right World Fuel team owners or bot responsible for remediating . Dig gives each environment an overall importance and a single pane of glass with a visual representation of security posture and risk . The right issues go to the right team , eliminating alert fatigue . Sonrai Dig helped the team improve inventory management of people and non-people identities , providing an end-to-end view to manage coverage for all of its dynamic cloud assets . The ability to filter and get immediate information for any instance or object in its environment was key . Dig now monitors the organisation ’ s entire cloud ( QA , development and production ) for any configuration or access drift .
Shawn M Bowen , CISO , World Fuel Services , discusses how Sonrai Security ’ s technology offering enables the organisation to solve energy challenges for its customers around the world .
Can you tell us what your role entails as the CISO of a major energy company ?
It ’ s the same rules for any CISO , except the implications are significantly higher as you move up the food chain of size of companies . The interesting aspect about this company is that it ’ s a global
52 www . intelligentciso . com