Elly Yates-Roberts |
The Chemours Company is a global chemistry business with a 200-year-old legacy and commitment to creating a better world. Known for owning prominent brands such as Ti-Pure, Opteon and Teflon, Chemours has 6,400 employees serving approximately 3,200 customers in 120 countries.
As a chemical manufacturer, Chemours operates its facilities with a strong focus on safety and securing the integrity of its data. To face this challenge and help ensure compliance, Reginald Williams, chief information security officer at Chemours, had a vision for transforming the company’s cybersecurity strategy. Williams wanted to maintain the integrity of the manufacturing process and Chemours’ data, without slowing the business down.
With a global network of users across approximately 60 locations, Chemours has a lot of assets to protect. Historically, Chemours’ chemical plants operated in silos when it came to data and analytics. However, this approach reduced visibility in the manufacturing chain and Williams wanted to securely centralise these analytics.
Among the first decisions Williams made during this transformation was to reduce the number of security tools. Chemours is a Microsoft-first organisation, with Microsoft Sentinel and Microsoft 365 E5 playing key parts in its cybersecurity strategy.
E5 provides Chemours with a mature security stack from a single vendor experienced in the manufacturing industry, eliminating the need to manage and monitor up to 40 different cybersecurity products.
Williams also wanted to find a partner and collaborator to provide managed detection and response (MDR). Since Chemours had consolidated systems using Microsoft technology, he wanted an MDR provider that was proficient in the Microsoft environment. Beyond this though, Williams wanted a co-innovation partner, one that would listen to his company’s needs and produce a solution tailored to fulfil them.
After seeing a proof of concept from Microsoft cybersecurity partner Open Systems, Williams added Open Systems MDR+ to his line-up.
“We decided to go on a two-year journey to transform cybersecurity from where it was to a much more mature state,” says Williams. “Open Systems was an integral part of that journey with its managed detection and response capability.”
The Chemours ecosystem now runs efficiently and securely, with help from Open Systems’ Mission Control 24x7 security operations centre (SOC). Mission Control uses a combination of people, technology and processes that follow repeatable security ‘missions’, custom runbooks that prescribe how to protect the enterprise in real time today and level up its security posture for the future.
Through its collaboration with Open Systems, Chemours also gained a strategic advantage by marrying the telemetry of the network operations centre with the SOC. This brought the logs into one operations centre, where Open Systems engineers carry out investigations and respond accordingly.
MDR+ has enabled Chemours to manage its cybersecurity with a smaller in-house team. Open Systems’ Mission Control SOC analysts and engineers have expert knowledge of the Chemours environment, which allows them to go beyond detection and response and actually mitigate the threats.
“The service that Open Systems provides for us is actually fulfilling the need of 10, maybe even 12 full-time individuals,” says Williams. “With Open Systems, they’re doing the engineering, they’re doing the analysis, they’re building capabilities that I don’t have to shoulder myself.”
Open Systems’ Microsoft expertise, integrations and machine learning models now provide Chemours with better context on its attack surface, improved integration with Microsoft tools for simpler coordination with IT, and secure configuration of critical Microsoft infrastructure. Chemours can also use Azure Lighthouse to connect Microsoft Sentinel to Open Systems, bringing the analytics from the disparate plants together in a secure cloud environment and maintaining full data retention. This ensures the company never loses visibility or control of its data.
“Open Systems became an integral part of the cybersecurity maturity model we aspired to – and achieved,” says Williams.
Given that Chemours produces chemicals that are critical to modern-day living, data security and compliance will always be paramount.
“If there’s a threat, I need a solution for that threat,” says Williams. “Open Systems MDR+ not only solves my compliance needs, but it also extends beyond detection and response to mitigate threats.”
This article was originally published in the Summer 2022 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.