The objective of the client was to improve the overall security posture of its infrastructure. The customer collaborated with Coforge to implement advanced security technologies in order to gain more insights about the looming threats to the organization and have defense mechanisms in place to protect the IT infrastructure from new emerging threats.
About the Client
The customer is one of the largest and oldest cement and building material company in Thailand and Southeast Asia.
The customer wanted a vendor to define security roadmap for its organization based on the NIST and ISO27K1 standards. The vendor should identify the gaps and suggest/implement the remediation accordingly. The customer infrastructure was spread across countries, the customer didn’t had visibility of the infrastructure and wanted the vendor to perform the asset discover and baselining as well. The customer had implemented basic security controls in its environment and was looking to implement advanced security controls to protect its IT infrastructure. In addition to these, the customer wanted the vendor to provide Threat and Vulnerability Management services.
With a customer-focused approach, Coforge was able to design and implement a solution catering to customer’s needs. The solution is described below:
- Alignment to customer’s security frameworks & policies for smooth transition and ongoing operations.
- Asset discovery exercise and asset categorization according to criticality, across customer’s environment.
- NIST assessment and compliance assessmentin accordance with ISO 27001 and local data protection laws, identification of gaps and providing detailed report with suggested remediation.
- Establishing a 24x7x365 security operations, implementation of SIEM solution using Coforge’s SIMP framework.
- Leverage Coforge's i-DART service to provision integrated threat intelligence service.
- Deliver behavior based advanced threat detection capabilities and on-demand threat hunting services using Coforge’s i-DART service.
- Compliance testing of the environment to know the current patching posture of the environment and identify the scale of vulnerabilities for patching.
- Implementation of the robust Threat and Vulnerability Management program using Coforge’s MASTER framework.
- Enabling O365 adoption by defining and configuring policies for services like DLP, MFA etc.
- Defined a phishing assessment and training program for security awareness.
Delivering more value:
- Single pane of view showcasing security posture and risk.
- End-to-end visibility of the assets.
- Automated remediation of the OSP based incidents.
- Improvement of 0.5 point in NIST maturity level of the customer’s environment.
- Improvement of 60% in user awareness as a result of security training program based on Coforge PAT service.
The Coforge Advantage
Coforge proven methodology for transition and transformation helped in completing the client onboarding in a short span of 12 weeks. Coforge ran a parallel operation of knowledge transition and implementation of security technologies for 8 weeks to complete the project on-time despite the regional language barriers.