With a complex and business-critical cloud migration planned, Bernhard Schulte Shipmanagement (BSM) needed a solution to monitor its digital environment for potential cyber threats.
The shipping company wanted to build a long-term partnership with an experienced managed detection and response (MDR) provider. The purpose of its planned cloud migration to Microsoft Azure was to achieve a more centralised IT approach for both its primary and regional offices, many of which are small maritime centres. BSM had several criteria for its ideal partner, relating to technical expertise, their approach to threat detection and depth of experience.
BSM recognised the value of Kroll Responder MDR in improving visibility across its infrastructure and the impact that the service would have in driving a reduction in the average time to detect and respond to threats. Kroll’s global security operations centre (SOC) professionals operate as a virtual extension of the BSM team, providing the high-quality insight and mitigation guidance its IT team needs to respond to incidents whenever they arise.
“The human factor is something I’m always looking for,” said Petros Andreou, head of IT at BSM. “I don’t want to talk with bots, I want to talk with people. This personal approach is something I noticed from my first engagement with Kroll and it is still true today.”
To further enhance BSM’s security, Kroll conducts managed vulnerability scanning and accredited penetration testing, which helps identify and address vulnerabilities across its global infrastructure.
As a result of working with Kroll, the shipping company has vastly improved its cyber resilience in multiple ways.
It has enhanced threat visibility across its global network of offices, ships and public cloud environments. Kroll’s technology-agnostic approach, deep integration with vendors such as Microsoft, and its security experts have helped BSM to migrate from a legacy security information and event management system to cloud-native security monitoring with Microsoft Sentinel. Kroll swiftly identifies and helps the IT team respond when threats arise, from phishing attempts that are prevented by a secure email gateway to stopping fully-fledged ransomware attacks before detonation.
Kroll uses the latest threat intelligence from over 3,000 of its frontline incident investigations a year to detect current and emerging threats and constantly tunes the underlying technology – included as part of Kroll Responder – to reduce false positives.
BSM can also quickly respond to incidents and significantly reduce the possibility of an attack using automated playbooks and actionable mitigation guidance from Kroll. Incident information is shared securely via Kroll’s Redscan threat management platform, while the firm’s SOC teams thoroughly analyse and investigate every security alert received. If the alert is deemed to be a genuine incident, Kroll uses the Redscan threat management platform to notify BSM, relay the incident’s priority level and supply the information needed to assist remediation.
In addition, BSM has improved vulnerability management via Kroll’s broader portfolio of solutions and support. These include advisory and consultancy services for chief information security officers and data protection officers, as well as incident response threat simulations to identify and help address hidden vulnerabilities across the company’s infrastructure.
“From the monthly service reports to personal engagement from both technical and managerial teams, it is this collaboration that allows the tripartite relationship between BSM, Microsoft and Kroll to work so seamlessly and be aligned for the future evolution of the security market and threat landscape,” said Marc Brawner, head of managed services at Kroll.
Working with Kroll has provided BSM with greater visibility across its global network of offices and ships to better detect and respond to threats. Teams within Kroll help BSM to navigate and deploy appropriate security controls and processes. These include those related to its Microsoft Security strategy, continuously monitoring systems using Kroll Responder MDR, and ultimately building a more effective and resilient IT infrastructure while meeting compliance obligations.
Explore the extensive capabilities of Kroll Responder MDR for Microsoft on Kroll's website.
This article was originally published in the Spring 2023 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.