国内 & 使用Rapid7实现网络安全运营

所面临的挑战

国内 和 一般 is a 110-year old business with an accumulation of systems 和 dozens of IT processes that have evolved over the years. As the company expands globally 和 digitizes, their attack surface is growing. The mixed heterogeneous environment creates additional challenges in terms of increased cyber risk. 

D&G的首席信息官, Phil realized that he needed to enhance the company’s cyber protections 和 empower the business to own their cyber risk. 但维&G was missing a platform that a modern organization needs to ensure it’s protected adequately in identifying risk 和 threats – in a hybrid environment, 在规模和背景上. “We needed a modern set of technologies that together would give us observability 和 proactive capabilities,菲尔说。.

解决方案

菲尔寻找一个网络安全合作伙伴，使D&G to operationalize cybersecurity; to ensure that the department 和 person in the best position to manage the risk, 是否对风险和解决风险的工具有可视性. “基于庞大的数据量, 工具, 责任被重新分配到企业中, 我们知道我们需要提前, 易于使用的平台，以帮助编排.”

国内 和 一般 chose Rapid7’s Platform with InsightVM for vulnerability risk management, InsightCloudSec, 云风险和遵从性解决方案, InsightAppSec用于应用程序安全, 以及Rapid7的威胁命令来管理外部威胁. +, to supplement their security team 国内 和 一般 chose Rapid’s 管理检测和响应 service. “当我们部署Rapid7平台时, 它给了我们一大堆我们以前没有的见解.”

全面且易于使用

“我们确定了许多有助于保护端点的不同工具, 周长, 我们的终端用户. But the thing that we needed 和 where we were quite blind was how you bring all that together,菲尔回忆道。. “我们正在寻找一种工具集，能够以一种智能的方式将这些功能整合在一起. 这就是Rapid7平台引起我们注意的地方.”

Rapid7平台的易用性和强大性非常重要. It offers a comprehensive, integrated solution with a set of user-friendly tools,” he explained.

“消化复杂、快速变化的数据更容易. 这在这个世界上是非常重要的. 如果事情发生了, the ability to quickly digest large data sets 和 figure out what’s real is critical. Rapid7在这方面脱颖而出.”

在IT之外扩展风险的可见性和所有权

The Rapid7 Platform is enabling Phil 和 his team to assign ownership of tasks, 行动, 以及组织中不同团队成员的风险. 结果是, Phil is moving cybersecurity out of the realm of technology 和 making it a core part of the business processes. 这有助于提高整个公司的应变能力.

For example, Phil points out how easy it is for criminals to create spoof websites. 实际上有数百种D的导数&克的名字. And, the team best placed to make a decision on what to do with those websites is our Br和 team. 他们是想让这些网站被关闭还是想让这些域名注册在D名下&G或从互联网注册中删除? 这不是一个安全或技术决策. 但是历史上在D&G, the br和 team has not been empowered to own this; that fell to the Information Security team to manage.

现在, 州菲尔, “最适合管理风险的人, 从网络的角度来承担风险. And, with the Rapid7 Platform , these teams don’t need to be cybersecurity experts. 这大大提高了团队的速度和生产力. So, there’s definitely a cost saving that comes from not having to build out loads of bodies staring at monitors.”

Phil adds that he receives a lot of compliments about the Rapid7 platform from the business teams because of its ability to take in 和 present a lot of data in a way that is easy to use 和 underst和. “人们告诉我们，哇，这太棒了. 我以前从来没有这样看待和管理风险. 我很乐意拥有它. 这绝对是我们工作的一部分.” 

生产力的“大规模”提高

Another winning aspect; the ephemeral single pane of glass. 使用Rapid7平台D&G has one central pane of glass to see where risks are within all the functions, 并确保每个功能都能减轻这些风险. “从我作为首席信息官的角度来看, Rapid7 provides a Platform that amplifies the ability of information security as a central function to be much more informed about that risk,菲尔注意到. 

Furthermore, Phil says that single pane has “massively” increased the productivity of the D&通过将上下文数据引入问题的严重性来帮助G团队. “It’s either a high or medium alert 和 the tool just quickly says where you need to look. 到目前为止，它是正确的. 我们还没有发现任何让我们担心的误报.”

“而且，Rapid7的编排能力是无与伦比的，”Phil继续说道. “Rapid7 gives us visibility into a much more dynamic state because the cloud is much more dynamic. So, there’s more risk being managed better because the MDR SOC is able to observe what’s really going on.” 

新的数据，更深刻的见解

D&G很快就从Rapid7中学到了这一点, 他们从新的数据中获得了见解, 和 translated that data in a way that business stakeholders can underst和 和 act on. “我们对指标的兴趣并没有改变, but our ability to deliver context  to support the metrics has changed significantly with Rapid7. 它已经现代化了. It’s night 和 day from where we were six months ago 和 I think it will accelerate over the next six months,菲尔说。. 

D&G总是跟踪一些技术指标, 例如DdoS攻击的次数, 网络钓鱼和恶意邮件. 菲尔在过去注意到这一点, 这些指标, 这些都是技术性的, have been relatively easy because you can go into the tools 和 find 这些指标. “But the Rapid7 SOC provides a more well-rounded view of risk allowing us to bring into that portal the metrics around br和, 声誉管理, 和欺骗域名. And that allows us to gain a view into the overall cyber risk facing the business.” 

Phil adds that he receives a lot of compliments about the Rapid7 platform from internal users because of its ability to take in 和 present a lot of data in a way that is easy to use 和 underst和. 

继续与Rapid7的旅程

D&G在Rapid7上取得了很大的成就, 和 Phil says their company is still on a journey toward the security posture they envision. Phil adds that the Rapid7 roadmap is something they’re leaning on as they head into 2023. “The way Rapid7 builds its business to enable companies like ours to ​​operationalise the management of cyber risks to improve enterprise resilience gives us confidence that this is a really exciting platform that’s going to go places.”