The client is a UK-based insurer and reinsurer. They wanted to strengthen their security mechanisms, tools and processes around Identity and Access Management, Vulnerability Management, Cloud Security, Network Security, Security Operations Center, Cyber Threat Intelligence, and Governance, Risk and Compliance in line with industry standards.

Infosys analyzed their security landscape to diagnose the key risk vectors, and designed and delivered a holistic security solution.

Key Challenges

  • Absence of asset discovery for vulnerability management and security monitoring
  • Lack of security playbooks for critical and high-risk incidents
  • Legacy security controls and distributed management
  • No tools or processes to assess firewalls against defined rules
  • Lack of data uniformity within active directory and CMDB
  • Manual user access recertification and absence of multi-factor authentication

The Solution

Tailored security solutions meeting the client’s needs

  • Leveraged Qualys cloud platform to identify assets in the network, perform vulnerability scans and report the findings for remediation
  • Implemented Infosys Cyber Watch, an automation-first, threat-centric and risk driven approach for security operations
  • Implemented automation playbooks for incident triage, analysis and containment
  • Implemented ExtraHop (Network Detection and Response) to enhance detection of anomalies with risk scoring
  • Implemented Firemon tool to oversee network security management and operations
  • Used incumbent IT infrastructure compliance tool to remediate data inconsistency/irregularity within multiple security controls
  • Leveraged SailPoint to automate and manage end-to-end user access recertification
  • Migrated CyberArk Endpoint Management (EPM) and Privilege Access Management (PAM) modules from on-premises to SaaS platform as a first step towards cloud transformation
  • Created conditional access policy for client employees to securely access O365 resources from BYOD personal devices without compromising confidential information

Benefits

Enhanced security – Proactive defense against threats

200,000+ Open and legacy vulnerabilities remediated

100+ Use-cases enabled into the production environment to strengthen the detection and prevention capabilities of the Infosys Cyber Watch platform

30+ Critical security incidents resolved quarterly

Effectively handled suspected Clop ransomware, ensuring zero security breach and no traces of related vulnerability in the environment

100+ email DLP breaches investigated and KPIs shared with the CISO team
