Customer Company Size
- Large Corporate
Country
- Worldwide
Product
- Bitglass Breach Discovery Engine
Tech Stack
- Firewall
- TOR nodes
- DNS server
Implementation Scale
- Enterprise-wide Deployment
Technology Category
- Cybersecurity & Privacy - Network Security
Applicable Industries
- Pharmaceuticals
Applicable Functions
- Business Operation
Use Cases
- Cybersecurity
Services
- Cybersecurity Services
About The Customer
The customer in this case study is a global pharmaceutical giant with over 20,000 employees. The company is a significant player in the pharmaceutical industry, producing a wide range of drugs and medical products. The company has a robust infrastructure and has invested in high-end firewall technology from a leading vendor. However, despite these measures, the company was facing significant security challenges. The newly appointed CISO was keen on evaluating the existing security infrastructure to identify any potential vulnerabilities and risks. The company's vast size and global operations make it a potential target for cyber threats, making the need for robust and effective security measures critical.
The Challenge
The global pharmaceutical giant, with over 20,000 employees, was facing a significant challenge in terms of its security posture. The newly appointed CISO wanted to evaluate the existing security infrastructure. Despite having a high-end firewall from a leading vendor, the company was still at risk. The Bitglass Breach Discovery Engine identified several high-risk Shadow IT cloud apps on the network. One unsanctioned cloud app was particularly concerning as it was used by employees to sync their contact lists and calendars. However, the most alarming discovery was the identification of three major risks: an internal IP in contact with a TOR node, twelve internal nodes in contact with a fake DNS server hosting phishing sites, and over thirty internal IPs contacting confirmed malware hosts outside the firewall.
The Solution
The solution to the company's security challenges was the Bitglass Breach Discovery Engine. The CISO uploaded four days of firewall logs to the engine, which then analyzed the data to identify potential risks and vulnerabilities. The engine identified several high-risk Shadow IT cloud apps on the network, including one that was used by employees to sync their contact lists and calendars. More concerning were the three major risks identified by the engine: an internal IP in contact with a TOR node, twelve internal nodes in contact with a fake DNS server hosting phishing sites, and over thirty internal IPs contacting confirmed malware hosts outside the firewall. The Breach Discovery Report provided by the engine listed the compromised IP addresses in order of risk, allowing for rapid investigation, quarantine, and remediation.
Related Case Studies.
Case Study
Case Study: Pfizer
Pfizer’s high-performance computing software and systems for worldwide research and development support large-scale data analysis, research projects, clinical analytics, and modeling. Pfizer’s computing services are used across the spectrum of research and development efforts, from the deep biological understanding of disease to the design of safe, efficacious therapeutic agents.
Case Study
Fusion Middleware Integration on Cloud for Pharma Major
The customer wanted a real-time, seamless, cloud-based integration between the existing on-premise and cloud-based applications using SOA technology on the Oracle Fusion Middleware Platform, a Contingent Worker Solution to collect, track, manage and report information for on-boarding, maintenance and off-boarding of contingent workers using a streamlined and integrated business process, and streamlining of integration to the back-end systems and multiple SaaS applications.
Case Study
Process Control System Support
In many automated production facilities, changes are made to SIMATIC PCS 7 projects on a daily basis, with individual processes often optimised by multiple workers due to shift changes. Documentation is key here, as this keeps workers informed about why a change was made. Furthermore, SIMATIC PCS 7 installations are generally used in locations where documentation is required for audits and certification. The ability to track changes between two software projects is not only an invaluable aid during shift changes, but also when searching for errors or optimising a PCS 7 installation. Every change made to the system is labour-intensive and time-consuming. Moreover, there is also the risk that errors may occur. If a change is saved in the project, then the old version is lost unless a backup copy was created in advance. If no backup was created, it will no longer be possible to return to the previous state if and when programming errors occur. Each backup denotes a version used by the SIMATIC PCS 7 system to operate an installation. To correctly interpret a version, information is required on WHO changed WHAT, WHERE, WHEN and WHY:
- Who created the version/who is responsible for the version?
- Who released the version?
- What was changed in the version i.e. in which block or module of the SIMATIC PCS 7 installation were the changes made?
- When was the version created? Is this the latest version or is there a more recent version?
- Why were the changes made to the version? If they are part of a regular maintenance cycle, then is the aim to fix an error or to improve production processes?
- Is this particular version also the version currently being used in production?
The fact that SIMATIC PCS 7 projects use extremely large quantities of data complicates the situation even further, and it can take a long time to load and save information as a result.
Without a sustainable strategy for operating a SIMATIC PCS 7 installation, searching for the right software version can become extremely time-consuming and the installation may run inefficiently as a result.
Case Study
ELI LILLY ADOPTS MICROMEDIA’S ALERT NOTIFICATION SYSTEM
Pharmaceutical production is subject to a strict set of enforced rules that must be adhered to, and compliance with these standards is critically necessary. Due to the efforts of WIN 911’s strategic partner Micromedia, Lilly was able to adopt an alarm notification infrastructure that integrated smoothly with their existing workflows and emergency hardware and protocols. These raw energy sources enable the industrial process to function: electricity, industrial steam, iced water, air mixtures of varying quality. Refrigeration towers, boilers and wastewater are monitored by ALERT. Eli Lilly identified 15000 potential variables, but limitations compelled them to chisel the variable list down to 300. This allowed all major alarms to be covered including pressure, discharge, quantity of waste water discharged, temperature, carbon dioxide content, oxygen & sulphur content, and the water’s pH.