Enhancing cybersecurity for a Swedish manufacturer's global operations | HCLTech

Our client has more than 20 manufacturing units worldwide and generates an annual revenue of over $350 million

The Challenge

Increased risk of cyber threats

However, they faced challenges monitoring memory and disk usage metrics for AppStream instances due to limitations in Amazon AppStream 2.0's monitoring capabilities. To address this, there was an urgent need for a cost-effective and automated solution to enhance AppStream monitoring and ensure accurate metrics without manual intervention.

  • Flat network across multiple factories, where communications between IT and OT devices are unmonitored and unidentifiable due to inadequate monitoring measures
  • Absence of a robust cybersecurity and governance policy for their OT platform
  • Inability to discover OT assets and inadequate visibility on OT devices, processes and communication
  • Insufficient security monitoring and absence of real-time risk insights of OT devices
  • Lack of integration between security solutions and Security Information and Event Management (SIEM) system

The Objective

Real-time insight into OT device risk

Our client wanted to improve their resilience against current and future threats.

  • Identification of assets that are connected to the OT network
  • Vulnerability management of OT assets and the OT network
  • Real-time risk insights of OT devices
  • Advanced and granular protection against cybersecurity threats
  • Seamless integration between security solutions and SIEM

The Solution

Integration of an advanced threat detection tool

HCLTech's Cybersecurity team leveraged our 360-degree SecureOT framework to develop a customized end-to-end program. The solution included:

  • Deployment of network monitoring sensors across multiple locations, centrally managed through the cloud
  • Identification of assets connected to the network with parameters such as IP address, MAC address, hostname, protocols observed in communication, OS, model, firmware, etc.
  • Utilization of an advanced threat detection tool to enhance security for all operational technology devices
  • Integration of the threat detection tool with the existing IT SIEM solution for comprehensive cybersecurity incident monitoring

The Impact

Effectively managing 7,000+ endpoint assets

In partnership with our client, we created a robust security plan to fortify their OT network resilience using a risk-based approach. The roadmap emphasized aligning people, processes and technology for enhanced cybersecurity.

  • Achieved system visibility across 58 locations through 108 network sensors
  • Streamlined discovery and profiling of 22,000+ connected devices in OT environments
  • Centralized security monitoring for real-time risk insights across all sites
  • Managed 7,000+ endpoint assets with Microsoft Defender for Cloud Applications
  • Enabled proactive protection against OT/IT security incidents