A chemical corporation finds the way to permanent successful risk optimization
Introduction
ESIM Chemicals™ is a leading service provider for specific syntheses of unique chemical compounds. ESIM develops exclusive syntheses and intermediate products for clients in various industries such as the agricultural industry. Moreover, the globally operating company maintains a rich portfolio of chemical standard products. In Austria’s city of Linz, ESIM employs more than 300 in development and production.
Ayman Matter is ESIM’s longtime IT Director and IT Security Officer. He bears the overall responsibility for all the company’s IT networks.
As one of his biggest challenges Ayman Matter sees that his IT-team comprises a staff of only 2, himself included. The team has always been aware of a cyber attack’s potential impact on the consecutive production flow, e.g., through stillstand.
Without dedicated vulnerability management, almost every day turned into a balancing act, trying to achieve maximum IT security and most effective cost controlling, both at the same time. This resulted in stress from uncertainty. Because, before Matter decided to use Autobahn Fit, the company’s IT security routine consisted of one single deep-dive pen test per year, as prescribed by corporate management.
Action is imperative, when scans repeatedly reveal thousands of unprioritized vulnerabilities
Each pen test resulted in thousands of lines in excel tabs, without explaining which threat should be regarded as critical, and which could be tackled later. Also, no information was given about how complex the respective remediation would be.
Regarding newly added assets to the network, surveillance through the Managed Service Provider (MSP) remained obscure. At that point in time, ESIM’s IT Director had no means to see if the MSP had fixed the vulnerabilities found. So, between pen tests, the question remained if progress regarding vulnerability management was achieved at all – with repeated disappointment for the MSP, too.
What exactly are the needs of the head of a 2-person IT security team and his MSP?
ESIM’s IT Director personally went on a quest to find a solution. At an IT-fair, Ayman Matter talked to the experts of Autobahn security. He quickly got the impression that Autobahn Fit can give him exactly what he was looking for, and all of it in a short period of time:
- An IT security software easy enough to handle for small teams
- Presentation and evaluation of vulnerabilities from a hacker’s perspective
- Easy-to-understand, prioritized remediation guides
- Improved reporting to corporate management
In consultation with the MSP, decision for a test-run was made, enabling network security assessment from an early stage. Set-up was completed within 2 days – which Matter describes as perfectly smooth. Any request was answered swiftly by Autobahn Security’s experts.
“Autobahn‘s scalability will align with the envisioned growth for ESIM Chemicals™, helping us to achieve our goals.“ Ayman Matter, IT Director and IT Security Officer of ESIM Chemicals™
The added value of Autobahn Fast for ESIM Chemicals – 5 factors
Today, as a permanent customer of Autobahn Fast, ESIM finally benefits from a monitoring system. Through binding Service Level Agreements (SLA), Ayman Matter can surveil the MSP’s work and measure their improvements directly on the platform, at any time.
The second solution comes in the form of Autobahn Security’s performance package, which easily allows to schedule preassigned tasks. Today, 4 scans per quarter, and four complete check-ups per year take place, contractually agreed upon with ESIM’s MSP – a reassuring plus from the get-go for the IT Security Officer.
As two further solutions Matter sees the automated prioritization of vulnerabilities, and the easy-to-follow step-by-step remediation guides. Autobahn Fast evaluates ESIM’s vulnerabilities from a hacker’s perspective, indicating how likely hackers are to exploit respective vulnerabilities.
Aside from effective remediation, this leads to better estimation concerning expenditure of time – and to more peace of mind. Because results are now to be anticipated at fixed times: scans take place in synchronization with patch days, so that after patchings, ESIM’s IT team of two and their MSP can witness reduced Hackability Scores on the spot.
Autobahn Security’s KPI, the Hackability Score, according to Matter is the fifth outstanding aspect, especially regarding the evaluation of the MSP’s performance but also in terms of a more coherent and conclusive reporting to management.
After short time: many excellent results and a great feeling
Only three months after the implementation of Autobahn Fast, the Hackability Score over the various networks was reduced from over 60 to 16 in average. This equals a reduction by more than 70% – with a decreasing trend.
The complete outage of ESIM’s networks through cyber-attacks could cause damages worth millions, within short time. In comparison, the investment in Autobahn Security seems negligible.
When asked to quantify the concrete benefits of the ROI, Matter replies that – disregarding numbers – he benefits from an inestimably high intangible ROI alone. Because the feeling of a permanently successful risk optimization is priceless in itself.
Request a free expert discussion right now
We evaluate your individual challenges, schedule a demo session, provide an overview of our value process, and discuss potential milestones and next steps. Talk to our team to see how Autobahn Security can make you cyber-fit!
