the digital watchguard
case study on an energy company
This case study is on an energy company whose business success is highly dependent on the deployed information technologies. This is thus also reflected in the high level of implemented security measures. The enterprise has entrusted SCHUTZWERK GmbH with the implementation of regular IT security assessments and risk analyses for many years. The Digital Watchguard has strenthened the partnership further between the two companies.
Rising IT risks in combination with an increased complexity of information technology demand continuous security innovations
The continuous improvement of information security plays a key role in the IT strategy of this energy company. The company is required to continuously adjust security concepts and measures to changing threat scenarios. IT systems and services that are exposed to the internet, such as web severs and applications and/or email and VPN services, are thereby a key focus.
The protection of important buildings by security firms has always been common practice. It was therefore an obvious choice for the company to replicate this for critical IT systems. This is a fitting comparison as the Digital Watchguard essentially involves manual vulnerability monitoring. The innovative service provided by SCHUTZWERK combines the same technical tools used by attackers with the expertise of specialised auditors.
Detect security vulnerabilities earlier with the Digital Watchguard
Since the beginning of 2014 SCHUTZWERK has been monitoring the energy company's IT systems that are exposed to the internet on a monthly basis. The focus thereby lies on potentially attackable vulnerabilities which are emerging more and more swiftly and frequently in today's IT world, such as e.g. the so-called "Heartbleed Bug". The Digital Watchguard enables the company to detect and fix these vulnerabilities even faster and in a more targeted manner, thus providing the company with the important advantage to prevent attacks more effectively. The Digital Watchguard report contains individual recommendations for system adminstrators on all findings. In addition, the company's security management personnel gain continuous transparency on all system changes, the current state of quality of implemented security measures and the remediation status with regard to already identified vulnerabilities.
Annual security audits no longer suffice
Changes are commonplace in our fast moving IT world. Such high dynamics bear a risk potential for vulnerabilites. Near-daily system changes must inevitably be reflected in a higher number of assessment intervals. Fully automated solutions are, however, not appropriate for a company's individual and complex IT structures. The Digital Watchdog is a consistent response to this challenge faced not only by the energy company of this case study.