When this global manufacturer experienced a breach, it needed a swift response to close the vulnerabilities and get critical systems back online — and a plan for protecting its future.
The vision: Agile intervention in a critical systems breach
All modern businesses understand the severity of breaches and the nearly endless complications they can introduce into an enterprise. For this major manufacturer, a breach of its most critical systems led to a total outage and widespread compromise of credentials — ultimately resulting in hundreds of millions in lost revenue. With operations teams offshore and remote access being revoked during the breach, this client needed immediate assistance on-site at locations all over the world.
In incident response situations, businesses have to strike a balance between the fastest possible recovery and preparing for the long term. Tech debt often creeps in when short-term solutions are implemented that may not serve an organization’s best interests over the coming months or years. While tech debt is hard to predict or control, working with a strategic partner can help alleviate these concerns, as the partner has the expertise to help find that balance based on the business's unique circumstances and goals.
Immediate tactical response and strategic protection for the future
What this client needed most was a partner that could not only mobilize resources quickly but also make recovery decisions that would support the future of its business and security needs. The Insight team was able to respond within a day of contact from the client, with over a hundred experts supporting efforts at different sites globally. With this support, the manufacturer was able to secure its systems and resume operations quickly. While remediation was the immediate goal, both Insight and the client kept in mind that balancing the long-term needs of the business would not only help protect its future but also reduce some potential tech debt burdens.
In the immediate term, 15 expert engineers were placed at global locations over 12 weeks to help repair and protect the affected on-prem infrastructure. Additionally, a team of over 100 technicians spent three weeks on-site at the client’s HQ to deploy MFA recovery efforts, resulting in more than 10,000 internal passwords being reset. To promote a secure future, Insight provided the manufacturer with a comprehensive design, roadmap and pipeline of improvements, giving it strategic direction to bolster its security posture and response going forward.
Most significantly, the Insight team determined that improving the separation and remote access standards between IT and OT (operational technology, which is abundant in manufacturing plants) organization-wide would promote a better-protected enterprise. With these two aspects of the business isolated through modern network and security segmentation, a potential incident might result in an outage at one plant but not impact dozens of other locations and corporate operations, while also reducing the risk of a breach in the first place. With this new architecture, the client will not only be able to recover from potential incidents faster and more efficiently, but it will also have better visibility of its systems and incoming threats.