SOC Talk: Conversations from the TrenchesIn each of these interactive discussions, you’ll hear cybersecurity experts and members of the ReliaQuest Security Operations team discuss challenges, trending security topics and share solutions for achieving best in class security operations.
ReliaQuest GreyMatter: A Sure Bet On Security For Hard Rock International
In August of 2019, Hard Rock International was preparing to embark on a multiyear digital transformation and cloud migration journey when Mike Novak joined the organization as Chief Information Security Officer (CISO) and Vice President of Information Security, Compliance, and Data Protection. Due to the challenges that came with securing a globally distributed workforce (270+ locations across 76 countries), Novak sought out a solution that would help accelerate his team’s ability to detect and respond to threats, improve efficiencies across investigation workflows, and ultimately assume a more proactive approach to their security operations.
Upon choosing ReliaQuest in early 2020, Hard Rock’s security team achieved fast time-to-value, gaining visibility into 80% of their environment within just 60 days.
Lack of actionable data to understand visibility gaps and prioritize efforts
Gaps in threat detection content and lack of relevant, actionable data
No application or event correlation capabilities
Limited bandwidth and expertise to optimize IT investments
No metrics or reporting
GreyMatter, an Open XDR-as-a-Service platform backed by 24/7 technical expertise, provides the Hard Rock team with contextual intelligence and visibility into real-time insights, helping them stay one step ahead of risks with automated threat hunting and attack simulations. Not only does the platform provide Hard Rock with validation that the solutions they have in place are working effectively, but it also drives faster threat detection, investigation, and response with greater coverage across their diverse set of tools and business applications.
Novak says that with help from ReliaQuest, the Hard Rock team made rapid progress towards their goals almost immediately thanks to a quick onboarding process—going live in less than three weeks.
Some of the quick results the Hard Rock team realized after partnering with ReliaQuest and onboarding the GreyMatter platform include:
Increased enterprise visibility to 80% within 60 days
Improving the business’s risk posture
Surfacing three key findings through “red team” simulations and five key findings through strategic threat-hunting exercises
Up-leveling team performance through incident response tabletop exercises and workshops
With ReliaQuest GreyMatter, the security team now has relevant, real-time, data-driven insights that help accelerate their incident response workflow. “We couldn’t implement a true incident response plan without understanding what’s happening, where it’s happening, and why,” says Novak. “GreyMatter gives us that insight. Now, we can understand what’s unfolding—and what’s real—so we can take action.”
The team’s aim is to become even more proactive in combating threats, according to Novak, and “get to a point where we can solve the problem, stop the attacker and attack, and move on.” He notes that to do that, they need to align “visibility, event correlation, orchestration, and response,” which is what they’re working toward now with help from ReliaQuest security expertise and GreyMatter.
“Before ReliaQuest, we lacked visibility into our data, tools or a unified view of current threats. ReliaQuest helped us achieve quick response, tool efficacy, and data-driven results. Our increased efficiency allows us to focus on business growth—and not worry about having to scale our team to get to the outcomes we need.”
— Mike Novak, CISO, VP of IT Security, Data Protection and Compliance
Working with the ReliaQuest team and GreyMatter has also allowed Novak and his team to step back and rethink how they’re supporting the Hard Rock International business at large. “I can say that because of our partnership with ReliaQuest, IT is now an enabler of the business. It’s paved the way for us to ask things like, ‘What are we doing that doesn’t make sense’ and ‘How can we enable the best possible outcomes for the business?’” says Novak. “We’ve been able transform IT into a steering committee where we’re proactively bringing solutions to the table, versus the business bringing solutions to IT.”
Additionally, the insights Novak and team now have into tool efficacy allows them to justify additional spend to make strategic improvements. “Through GreyMatter health reporting, we captured data that has led to improved architecture recommendations,” says Novak.
Novak adds that partnering with ReliaQuest experts and the transparency into process they get from GreyMatter is also helping his team to grow professionally. “My staff now has more opportunity to take ownership of applications, get training and improve their performance,” he explains. And with more skills and expertise—and more confidence—the Hard Rock team is better positioned to help the business achieve its digital transformation and cloud migration objectives while continuously fortifying security.
More proactive, 24/7 incident response, without adding personnel