Case Study

TES gains simplified SecOps and greater visibility across all data with the Cortex XDR platform

In brief

Customer

TES

Industry

High technology

Location

Australia

Partner

RightSec

Partner Website


Challenges

  • TES wanted to enhance their cyber incident readiness, with faster detection, response, and recovery from incidents.
  • In an evolving threat landscape, they required fast and effective deployment.
  • They needed a solution that aligned with their global security requirements across 21 countries and ~40 locations.
  • TES wanted a solution that would align with regulatory requirements ISO27001 and NIST CSF.

Solution

TES selected Cortex XDR® from Palo Alto Networks.

Results

  • The customer gained greater risk visibility and a mature incident response mechanism.
  • They realized cost, capacity, and value improvements, as they worked with their MSSP and XMDR partner, RightSec, to gain value.
  • TES was able to align to required regulatory standards and frameworks.
INTRODUCTION

TES provides comprehensive solutions that enable clients to transform and repurpose technology devices responsibly and sustainably. The company has been in play since the origins of electronics e-waste and recycling, continuously developing their model to a point where they currently deliver end-to-end services to the market. This includes data sanitization, brand protection, securing reverse logistics, part supply of extended asset life, refurbishment, reuse, and other services that relate to the commissioning and decommissioning of assets and services right through to asset storage, preparation, and distribution.

Stuart Hebron, Group CIO, outlines how TES has grown into a company with 2,000 employees in over 40 locations across 21 countries, processing about 5 million assets annually for clients. With 2.7 million square feet of owned and leased facilities, the company recycles 86 million kilograms of materials every year.

As customers send their assets to TES to resell, recycle, or harvest in part, it is integral to the company to have a secure supply chain.

CHALLENGE

Centralized governance, cyber incident readiness, and regulatory compliance

With the fallout of the pandemic, TES was facing an ever-evolving threat landscape.

Instead of addressing the issues that they faced at a tactical threat level, Stuart and his team wanted to take a more holistic approach. “The IT team at TES was doubling up as the cybersecurity team. There was a surge of risk after the pandemic and we realized the need to deploy a fast and effective solution that aligned with our global security requirements, while also adhering to regulatory requirements like ISO27001, and NIST CSF,” Stuart explains.

To stay ahead of cyberthreats, TES decided to opt for a solution with a solid foundation, while also offering network security and standardization through a unified interface.

SOLUTION

Modern SOC deployed at record time, cost-effective automation, and unified interface for enhanced visibility

TES was utilizing a SASE solution, managed by an MDR partner. The solution generated vast amounts of data that needed to be analyzed for actionable insights. To address their challenges, they turned to RightSec who was their managed security service provider (MSSP). As an eXtended managed detection and response (XMDR) partner of Palo Alto Networks, RightSec introduced the Cortex XDR solution to TES.

As part of their suite of services, RightSec provides a virtual CISO (vCISO) service. TES used the vCISO service to tap into RightSec’s expertise and SOC capabilities. With strategic guidance and insight from Virginia Calegare, Founding Director at RightSec, TES opted for Palo Alto Networks Cortex XDR. “Combining capabilities from RightSec and Palo Alto Networks, TES has arrived at the best combination cocktail, which I believe is the cornerstone of TES’ security model right now,” Stuart declares.

RightSec is one of Palo Alto Networks select channel partners, having achieved both Cortex threat response competency (TRC) and XMDR certification. They help customers streamline their SOC to mitigate cyberthreats. The existing solutions at TES didn’t detect nor stop threats effectively. RightSec assessed Cortex XDR across 38 operational requirements, against the MITRE ATT&CK® framework, as well as against competitors. Cortex XDR placed at the top of the recommendations list for an XDR tool, as the solution aligned with governance and technical security requirements at TES. Virginia shares, “Operationally, TES needed effective detection and response across the network, endpoints and cloud. Ultimately, it was determined that Cortex XDR was best-suited.” There have been several integrations since Cortex was deployed, where RightSec started scripting and parsing so that security alerts can be managed from within the Cortex® Data Lake. The different modules within Cortex delivered on several regulatory controls, such as ISO27001 and NIST CSF.

Onboarding and deployment were completed by the RightSec and TES IT team in record time—in a matter of two weeks. “TES has invested in cybersecurity across all points of its IT asset disposition (ITAD) practice, so as to safeguard the company. With Cortex XDR, we have gained the advantage of enhanced visibility, irrespective of where the solution is positioned within the broader network. Today, the company has a standardized, centralized environment with a solid foundation that facilitates ease of management and integrated dashboard visibility,” adds Stuart. TES needed to align with regulatory requirements, such as ISO27001 and NIST CSF. With machine learning and automation, the solution has enabled easy integration, leveraging threat intelligence and providing automated response.

"TES has invested in cybersecurity across all points of its IT asset disposition (ITAD) practice, so as to safeguard the company. With Cortex XDR, we have gained the advantage of enhanced visibility, irrespective of where the solution is positioned within the broader network. Today, the company has a standardized, centralized environment with a solid foundation that allows for ease of management and integrated dashboard visibility.”

– Stuart Hebron

Group CIO

RESULTS

Greater visibility of risk, enabling better risk management

With Cortex XDR, the TES team have been able to utilise Host Insights and vulnerability assessment capabilities. Advanced Cortex XDR capabilities, such as vulnerability management and asset inventory has allowed TES to increase their visibility, switching from a reactive to a proactive stance. Leveraging RightSec’s 24/7 SOC, TES has a mature incident response mechanism, where detection and response times have significantly improved. With 24/7 scanning and automated processes, all threats are blocked immediately. For instance, with Cortex XDR, the NIST CSF Detect and Response functions have moved from a Tier 1 to a Tier 3, with repeatable, consistent processes. All automated incident responses are enacted in a matter of seconds, and manual ones in a matter of minutes.

Cost, capacity, and value improvements

By deploying Cortex XDR, TES has gained rich data insights. RightSec is highly responsive to TES’ needs and facilitates management, analysis, and escalation of incidents whenever necessary. With Cortex XDR, they require fewer analysts as the process is more productive and efficient, which is reflected in the size of TES’ investment for the XMDR-managed SOC services. In addition to this, Cortex XDR was able to ingest data from other tools to provide contextual insights for TES to action. As such, TES was able to eliminate the MDR services tied to their SASE solution. This has resulted in cost savings for TES, and a better return on their cybersecurity investment.

Legacy SOCs would need 25 people to be securing a company as big as TES. With the modern SOC powered by Cortex automation, logs and orchestration can be seamlessly integrated. With RightSec’s expertise in providing XMDR services and the rich capabilities of Cortex XDR, RightSec only needs to assign seven active analysts to TES, bringing down the resource cost significantly.

Alignment to standards and frameworks; meeting TES commitments

With Cortex XDR, TES aligns with regulatory requirements such as ISO27001 and NIST CSF. As part of the prospective vendor vetting process, TES is assessed based on its ability to identify vulnerabilities and respond to threats. With Cortex XDR, they can now state that they are aligned to MITRE ATT&CK, a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. This allows them to not only leverage threat intelligence more effectively but also address their customers’ third-party and supply chain cybersecurity risk policies.

CONCLUSION

The combination of RightSec’s services, coupled with Palo Alto Networks product capabilities has put TES in a strong position today. Stuart Hebron sums it up by saying, “Palo Alto Networks helped us manage our risk and demonstrated their commitment to keeping us safe from cyber threats in record time. We trust the advice of RightSec and Palo Alto Networks. Ours is a success story of a strong collaboration between three parties, with a product that has proven to be a game-changer for beyond endpoint protection.” Cortex XDR has provided TES with additional depth and breadth of protection. Combined with added services from RightSec that analyze the data gathered effectively, TES has world-class cyber strength and resilience.

ABOUT RIGHTSEC

RightSec

RightSec specialises in providing top-notch cyber security services to businesses and organisations of all sizes, ranging from Strategy, Governance, Risk and Compliance (GRC) to technical offensive and defensive security services. Their risk based, and intelligence led approach sets them apart in a constantly evolving environment, and ensures RightSec’s clients can stay ahead of the game and increase their security maturity. RightSec’s team of experts are multilingual, highly experienced, function at the top of their fields, and hold industry best certifications.

RightSec has a global presence, headquartered in Australia with a branch in South America, and is a licenced provider for Managed Security Operations Centre (SOC) under the Cybersecurity Act 2018 in Singapore, where TES is headquartered.