Cadwalader, Wickersham & Taft Enhances Security with Cybereason EDR Platform
Customer Company Size
Large Corporate
Country
- United States
Product
- Cybereason EDR
Tech Stack
- Endpoint Detection and Response (EDR)
Implementation Scale
- Enterprise-wide Deployment
Impact Metrics
- Customer Satisfaction
- Productivity Improvements
Technology Category
- Cybersecurity & Privacy - Endpoint Security
Applicable Functions
- Business Operation
Use Cases
- Intrusion Detection Systems
Services
- Cybersecurity Services
About The Customer
Cadwalader, Wickersham & Taft is an international law firm with a rich history and a global presence. With more than 400 lawyers spread across five offices worldwide, the firm is renowned for its expertise in legal matters. The firm handles a wide array of legal services, catering to a diverse clientele that includes corporations, financial institutions, and government entities. As a large corporate entity, Cadwalader places a high emphasis on maintaining robust security measures to protect sensitive client information and ensure compliance with legal standards. The firm’s security team is tasked with safeguarding its IT environment, which includes approximately 2,000 endpoints, against potential cyber threats. Given the nature of its operations, the firm requires advanced security solutions that can efficiently manage and mitigate risks while allowing its legal professionals to focus on delivering exceptional services to their clients.
The Challenge
Cadwalader’s security team faced challenges in streamlining the threat investigation process. The existing method involved manually combing through firewall logs and conducting packet analysis, which was time-consuming and labor-intensive. The process was disjointed, requiring individual teams to perform tasks ad hoc, often spending hours analyzing blocked sources and running antivirus scans. The firm needed an EDR tool that could efficiently detect and investigate threats across the entire IT environment, provide an end-to-end view of incidents without manual data review, and be intuitive enough to use without extensive training.
The Solution
Cadwalader implemented the Cybereason EDR platform across approximately 2,000 endpoints. The platform was chosen for its ease of use and minimal training requirements, allowing the security team to begin investigating suspicious activities immediately. Cybereason provided a comprehensive timeline of incidents, reducing the investigation process from hours to minutes. The platform uses an in-memory graph to correlate data from all endpoints, automatically detecting suspicious activities and generating a complete attack story. This capability allowed the security team to focus on compliance work and tactical projects, enhancing their ability to protect the firm. Additionally, Cybereason enabled the adoption of a behavioral-based approach to threat detection, allowing the team to identify advanced threats such as fileless malware attacks. The platform’s ability to provide an end-to-end view of the IT environment and correlate events in a timely manner was a significant advantage, freeing up time and resources for the security team.
Operational Impact
Quantitative Benefit
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
Related Case Studies.
Case Study
Protecting a Stadium from Hazardous Materials Using IoT2cell's Mobility Platform
There was a need for higher security at the AT&T Stadium during the NFL draft. There was a need to ensure that nuclear radiation material was not smuggled inside the stadium. Hazmat materials could often be missed in a standard checkpoint when gaining entry into a stadium.
Case Study
Visual Management on Gas Tankers
Gas tankers are massive ships with a limited crew, making them extremely difficult to monitor. Video surveillance systems, which use a large number of widely distributed devices, and fire prevention systems are both crucial elements of a gas tanker monitoring system.The system used for this application is a legacy analog CCTV surveillance system that is completely independent from the main monitor and control SCADA system. With this system, the administrator responds to an event by first using the SCADA system to locate the event, and then accesses the appropriate surveillance camera from the CCTV system to view the location. The goal is to upgrade the system so that only one step is required. This is done by integrating the CCTV surveillance system into the SCADA system, in which case the surveillance system becomes a SCADA sub-system, making centralized control and monitoring possible.System Requirements- Upgrade to an IP video surveillance system for integration with the existing SCADA system- Live video display (through the SCADA system)- Enable events in the SCADA system to automatically trigger live video display- All the devices need to be of rugged design and have an anti-explosion defense
Case Study
Leveraging Graph Technology for Enhanced Cybersecurity: A Case Study on MITRE's CyGraph
MITRE, a federally-funded, not-for-profit company that manages seven national research and development laboratories in the United States, was grappling with the challenge of managing an influx of cybersecurity data. The constant changes in network environments were impacting the security posture of U.S. government agencies. Intrusion alerts, anti-virus warnings, and seemingly benign events like logins, service connections, and file share access were all potentially associated with adversary activity. The cybersecurity researchers at MITRE needed to go beyond rudimentary assessments of security posture and attack response. This required merging isolated data into higher-level knowledge of network-wide attack vulnerabilities and mission readiness. The challenge was not the lack of information, but the ability to assemble disparate pieces of information into an overall analytic picture for situational awareness, optimal courses of action, and maintaining mission readiness. The team also struggled with fully comprehending a given security environment and mapping all known vulnerabilities.
Case Study
EMC's Transition to SMS for Real-Time IT Alerts
EMC, a global leader in cloud computing, data storage, and data virtualization, was struggling with an inefficient and slow method of alerting its 68,000 employees about IT system updates. The traditional method involved drafting an email, proofing it, getting approval from several stakeholders, and finally sending it. This process was not only labor-intensive but also unreliable as it depended on the user's email being unaffected and the user actually opening and reading the email. After sending 1.2 million alert emails in a single month, EMC decided to find a more efficient and immediate way to alert employees. The challenge was to find a solution that was not only faster and less labor-intensive but also globally available and scalable to EMC's needs.
Case Study
Mitigating Cybersecurity Risks in Manufacturing: A Case Study of Jacobs Douwe Egberts
Jacobs Douwe Egberts (JDE), a global coffee and tea company, faced a significant challenge in the wake of a malware incident in 2017 that caused a computer outage across Mondelez’s global operations, resulting in losses of €100M. This incident served as a wake-up call for JDE to implement a robust cybersecurity program to protect its operational technology (OT), including the industrial control system (ICS) environment across its factories worldwide. The advent of Industry 4.0 has led to increased interconnectivity in manufacturing environments, making them more vulnerable to cyberattacks. Traditional IT security measures were no longer sufficient to protect JDE's manufacturing operations. The company needed a comprehensive overview of all cybersecurity risks and vulnerabilities across its factories, including all operational technology computing systems used to manage the entire industrial operation.
Case Study
Modernizing the Angolan Government Agency Voter ID Program with IoT
The Angolan government agency was seeking to upgrade its voter ID system ahead of the elections in Q3 2017. The aim was to increase the number of citizens eligible to vote by issuing voter IDs in a short time frame. The existing voter ID printing system needed to be replaced with a solution that reduced costs significantly by providing mobility and streamlining operational processes. The key selection criteria included a faster throughput secure issuance printer solution, a de-centralized secure issuance solution to increase the number of citizens enrolled, a Wi-Fi based secure issuance printing solution for increased convenience, improved reliability of the printing solution, a lightweight, easy-to-use portable solution for collecting citizens’ data and issuing voter IDs for citizens residing in remote areas, and high levels of security to combat fraud and minimize the number of counterfeit voter IDs.
