Case Study: Industrial Defender

At A Glance

Industrial Defender was faced with the challenge of rebuilding its cybersecurity program from the ground up after being acquired by a private equity firm. The experts at Defensible Technology were brought in to provide Virtual CISO services and ongoing vulnerability monitoring. Thanks to Defensible, Industrial Defender now has a comprehensive and robust cybersecurity program that protects not only its internal assets, but all of the clients the company serves within the Critical Infrastructure sector.

Client Overview

Industrial Defender was the first Operational Technology (OT) Cybersecurity provider in the market, and since its founding in 2006, has supported several of the largest critical infrastructure companies around the world, including 8 of the 10 largest utility companies in North America.

Headquartered in Foxboro, Massachusetts, Industrial Defender serves industries such as utilities, oil and gas, chemical, transportation and logistics, pharmaceuticals, higher education, and healthcare. Critical infrastructure organizations have unique cybersecurity needs, with plants and endpoints spread across the globe, and systems and assets that often require 24/7 uptime. To meet the unique and demanding needs of cybersecurity and asset control within critical infrastructure environments, Industrial Defender offers software solutions with a management platform purpose-built to address the overlapping requirements of cybersecurity, compliance, and change management for industrial control systems (ICS).

Industrial Defender was previously owned by information technology companies Lockheed Martin and CapGemini, and was acquired by private equity firm Teleo Capital Management, LLC (Teleo) in January 2020.

Challenges

Before the acquisition, Industrial Defender’s cybersecurity initiatives were headed by its respective parent company; however, after being acquired by Teleo, the company faced the new challenge of needing to re-establish its cybersecurity program from scratch.

This challenge became especially urgent as Industrial Defender had over a decade's worth of revenue stream and dozens of existing clients, and could not afford to have cybersecurity vulnerabilities interrupt its operations or put its customers at risk. Additionally, as a software supplier for critical infrastructure organizations, Industrial Defender received numerous questionnaires and surveys from clients performing third-party vendor due diligence and audits and needed to quickly realign its cybersecurity program standards so that all questionnaire responses were an accurate representation of Industrial Defender’s cybersecurity program.

To fill the cybersecurity gaps created by the Teleo acquisition, Industrial Defender's leadership began the search for an outsourced team of cybersecurity experts. Defensible Technology was ultimately selected to help rebuild Industrial Defender’s cybersecurity program due to Defensible’s practical and client-centered approach to cybersecurity and cyber risk management.

Solution

To create and implement the policies and procedures needed to support Industrial Defender’s internal security needs, as well as the associated needs of its clients, many of the initial services provided by Defensible fell under their Virtual CISO-as-a-Service offering and were focused on strategizing and implementing a comprehensive security program.

To reestablish Industrial Defender’s cybersecurity program, Defensible Technology - led by CEO, Steve Doty - initially focused on three aspects of Industrial Defender’s security program: creating a baseline set of documents and internal standards; updating questionnaire and survey responses to reflect new policies and the governance approaches; and restructuring of technical procedures.

Since the initial engagement, the partnership has evolved, and Defensible now provides additional cybersecurity services that address technology operations and relationships with third-party information technology (IT) providers and vendors. Additionally, Defensible provides advisory in building security requirements into the design and development stages for all software products, as well as incorporating more customer-facing availability for cybersecurity concerns.

Results & Benefits

As a result of its partnership with Defensible, Industrial Defender was able to build a comprehensive and robust cybersecurity program with several supplemental benefits 

• Improved documentation and organization 

  As an organization that operates within the cybersecurity space, Industrial Defender was already adhering to several industry best practices, specifically regarding security controls. However, some of these initiatives were not well documented as formal policies and procedures. While rebuilding Industrial Defender’s cybersecurity program, Defensible was able to properly document and operationalize all aspects of cybersecurity for Industrial Defender, from Human Resources operations through software development. This holistic approach to documentation has made the effect of Industrial Defender’s cybersecurity programs tangible across the entire organization. 

  Additionally, Defensible, as part of the efforts to create a baseline set of internal cybersecurity documents and an information security policy, created several core forms of documentation for policies and procedures; these documents included a set of standards for business continuity, a disaster recovery plan, and an incident response plan. With this new documentation in place, Industrial Defender is well-equipped to not only prevent cyberattacks and incidents across their entire attack surface but also effectively respond to and remediate any potential incidents that may occur in the future. Industrial Defender is also able to create new questionnaires and survey responses that serve as an accurate reflection of their cybersecurity program. 

• Fewer gaps in cybersecurity and managed services coverage 

  Defensible worked closely with Industrial Defender’s selected managed service providers (MSPs), as well as other entities who provided IT security-related services, to identify what offerings were relevant to Industrial Defender’s newly rebuilt strategy, and to identify what gaps needed to be filled with in-house programs or procedures. This approach, which was specifically tailored to Industrial Defender’s unique IT and cybersecurity technology stack, allowed nothing to slip through the cracks or be unaccounted for. 

• Increased awareness of vulnerabilities 

  In addition to the cybersecurity program groundwork laid by Defensible at the beginning of the partnership, Defensible also conducts ongoing internal and external vulnerability scans, allowing for increased visibility of vulnerabilities across the organization’s entire attack surface. Defensible performs these recurring vulnerability scans and provides detailed monthly reports to keep Industrial Defender’s leaders up-to-date on the vulnerabilities present in all of the organization’s cyber environments. 

  Defensible also helps further protect Industrial Defender from potential cyberattacks by heading a security awareness training program for all Industrial Defender employees, regardless of the department or location in which they work. One element of this program is internal threat testing.  This can include crafting periodic messages that serve as a “phishing test,” sharing them across the organization to see if any employees click on a potentially dangerous link and providing training to those who may be compromised by interacting with a real phishing email. 

Why Defensible

Organizations that operate within the critical infrastructure sector face several industry-specific cybersecurity challenges that require the attention and expertise of seasoned cybersecurity professionals. Get in touch with the experts at Defensible to see how they can help you better secure your organization.

For more information about any of our cybersecurity services, please reach out to us at  ciso@defensible.tech