Leading North American energy infrastructure company modernizes and secures their grid
Overview
Reducing alert overload and false positives for a leading North American energy company. HCLTech enhances the effectiveness of Security Information and Event Management (SIEM) and provides 24x7 Security Operations Center (SOC) services for continuous protection.
The Challenge
Alert overload and false positives
The client faced a high volume of security alerts, making threat investigation time-consuming and inefficient. Despite significant effort, many alerts turned out to be false positives, delaying response to real threats and increasing operational risk.
The Objective
An enhanced grid and corporate security posture
To overcome these challenges, the client aimed to:
- Enhance grid and corporate security
- Proactively identify and neutralize threats before they escalate
- Detect compromises in third-party vendor systems that could impact their own security
The Solution
Optimization of the SIEM environment
HCLTech deployed its Cyber Security Fusion Center (CSFC) to continuously optimize the client’s SIEM environment and deliver follow-the-sun Tier 1 and Tier 2 SOC services.
Tier 1 Services:
- Monitor client and third-party systems for threats and vulnerabilities
- Triage and respond to alerts
- Manage monitoring and reporting tools
- Investigate, remediate and document incidents
Tier 2 Services:
- Perform forensic analysis on escalated alerts
- Proactively probe for compromises
- Optimize security tools to align with best practices
- Assess risks and vulnerabilities
Additionally, the client gained strategic and tactical access to HCLTech’s security expertise, research and knowledge-sharing resources.
The Impact
Continuous protection and measurable results
HCLTech established world-class security operations with joint ownership of outcomes, fostering collaboration between business and IT teams. Key benefits include:
- Enhanced grid and edge security
- Pre-emptive threat neutralization
- Identification of vendor compromises
- Improved visibility and faster incident response
- 44% reduction in SOC alerts through fine-tuning
- ~97% compliance on TTN SLA performance
- Lower breach and operational costs
- Stronger communication and collaboration
- SOC audit score improved from 96.9% to 98.5%
In short, the solution provides continuous protection that evolves with the client’s changing needs.
Related Case Studies
Engineered an advanced video analytics platform to drive greater efficiency and productivity in monitoring operations for WaterNSW
Learn more
A leading utility improves efficiency, incident response and compliance with HCLTech's scalable Broadcom AIOps solution
Learn more
HCLTech consolidated the IT infrastructure operating model for our electric transmission and distribution client, developing a strong, sustainable operating model to drive predictability in operations
Read more
HCLTech helped build a stable foundation to support innovative digital solutions for our client and their customers while helping them deliver safe, reliable and sustainable energy to customers
Learn more
A major natural gas distributor with 6,000+ employees modernized key applications by migrating to AWS's cloud-based infrastructure.
Learn more