Industry: Mining, Oil & Energy
Service: Professional Services
Location: Europe
Organization Type: Private
Employees: 51-200
Dedicated IT Staff: 1
Needs And Requirements:
This Energy & Technology Company, up and coming and innovative, required CISO as a Service to optimize their SOC tasks and deliver Cyber Governance based on the adherence to ISO27001. They required this CISO to be fully integrated with their Cybersecurity team and that meetings be held to assess the progress of tasks, to record and validate completed tasks and deliverables, and guarantee the quality of the provided services. Finally, they required full support, assistance, and expertise in the event of an attack by Ransomware.
Main Challenges:
Lack of Robust Incident Response and Business Continuity Plans: Incident Response and Business Continuity Plans were missing and needed to be done for the company’s Cybersecurity.
Lack of a Cyber Risk Posture Assessment: The company was uncertain of its Cybersecurity Posture and Risks. They needed an initial in-depth assessment in order to have an initial view that could then be assessed further.
Compliance with Regulatory Requirements: Adhering to the ISO27001 standard was a necessity for this Company in order to retain clients and shareholders.
Solution:
Virtual CISO & Advisory Services: Hitachi Cyber and the client worked together to analyze, document, prepare and validate Cyber Risks, Cyber Threats, and Cyber-Attack scenarios to refine and optimize alerts for the Managed Security Services. Hitachi Cyber tailored a Cyber Incident Response Plan, a Business Continuity Process and a Crisis Management Plan for the company to reduce the business and operational impacts of security incidents. These tasks were conducted in coordination with the client’s team. Hitachi Cyber worked with the company’s Cybersecurity team to structure and document missing procedures, thus bringing the company’s security up to standard.
Outcomes:
Following Hitachi Cyber’s work, the client company was ISO27001 compliant. They had a structure to their Operational and Security Policies, a clear view of their Security Posture, and solid Incident Response and Business Continuity Plans in case of an attack
Next Steps:
In the future, the company will continue to work with Hitachi Cyber as its acting CISO to monitor Cyber Governance and ensure its quality and improvements long-term. This continuous control over their Cyber Environment permits Hitachi Cyber to engage dedicated experts that understand the Cyber Risk Landscape at any given time, depending on demands.