Customer Situation
A higher education organization had limited resources and budget to invest in cybersecurity. The company had legacy technology in place, and the biggest challenge was that their team was overwhelmed by the number of tools and products they had.
Their legacy technology included antivirus software but no SIEM, and the endpoint security solution was limited to only core business devices. Additionally, there was little investment made in cybersecurity policy, processes and awareness training. As a result, the business had a breach and was in need of a fast recovery solution.
Challenge
The lack of controls and visibility was a significant challenge for the business, and experiencing a breach stemming from email threat vectors made it clear that the existing security measures were not sufficient.
Like many educational institutions, this organization needed to protect three very different groups: staff who utilize company technology, current students with their own devices who also utilize school technology, and alumni who have access to their school emails. Although not directly responsible for student and alumni technology and devices, the school needed to be able to monitor student and alumni email security effectively to mitigate possible business email compromise threats.
The organization did not have the resources to hire more people, and the limited budget for the business made it challenging to implement new technologies. Their very lean team was struggling to manage multiple threat vectors and point products.
Outcomes
Improved Visibility Into The Entire Environment
Improved Security Posture
Met Strict Budgetary Requirements
Secured Multiple User Personas
Solution
Difenda proposed implementing a Rapid Incident Response (RIR) service, which could be quickly deployed with minimal disruption to the business. The initial conversation revolved around how the breach occurred and new processes to mitigate risk. However, it was determined that more visibility was needed, and better use cases were required to monitor the threat vectors effectively.
The organization had already invested in Microsoft Security 365 A5 licensing, so Difenda optimized their current toolset and implemented Managed Exchange Detection and Response (MXDR) for faculty and Managed Email TDR for students and alumni. To help streamline cybersecurity management, Difenda operationalized the Difenda Shield so the team had a single-pane-of-glass view into their entire system.
Difenda also took on some of the heavy lifting and operational activities, implementing controls such as security awareness training, deep dark web monitoring, and threat intelligence. We then collaborated on establishing policies, procedures, and documentation to enhance the existing security posture.