Public Service Credit Union’s (PSCU) decision to adopt DefenseStorm stemmed from a need to monitor the activity of super users within its network. This request came from the institution’s examiners and auditors, so there was a strong sense of urgency to find an effective solution that would stand up to the tightening cybersecurity regulations from the FFIEC.
Carlos Vazquez, Vice President of Information Technology, knew that his credit union needed help monitoring and analyzing the vast amount of data within its network logs. Vasquez identified a number of companies that could aggregate log data, but they fell short of his expectations because they required a great deal of work on the backend to identify anomalies.
Once Vazquez discovered DefenseStorm, he and his team quickly determined that it could help the credit union satisfy a regulatory requirement that the credit union monitor super user activity and improve its ability to detect anomalies hidden with its log data. “DefenseStorm can tell us, ‘Hey, you have this anomaly going on,’ or ‘There’s an anomaly that’s on your firewall that may have not been caught,’” Vazquez says. “DefenseStorm is meeting the exact needs of what we want,” adds Vazquez.
Similarly to most institutions that invest in a cybersecurity solution, PSCU created a business case that it presented to its board. “Our business case presented the cost savings in FTEs, but we didn’t concentrate on that. We concentrated on knowing what is taking place within our network and looking at the logs,” advises Vazquez. “That was more important than the headcount savings. The benefits of being able to satisfy our examiners and auditors when they ask us questions and be able to feed that back to the board, that’s the ROI.”
Increased visibility across entire network
In his role as the credit union’s Senior Security Administrator, Manuel Zapien now has far greater visibility of activity taking place within the network. “The greatest thing for us from a security standpoint was to increase our visibility. That includes everything on our network: endpoints, network devices, and security devices,” notes Zapien. He adds that increased visibility didn’t come with a hefty price tag and that achieving the same network visibility without DefenseStorm would involve the credit union hiring at least one security analyst dedicated to the review of logs and the detection of anomalies.
Instead, by outsourcing that responsibility to DefenseStorm, the credit union avoids the expense associated with hiring a security analyst. DefenseStorm has a team of people assigned to protecting the credit union around the clock.
Real-time security monitoring
PSCU’s information security team appreciates the anomaly detection that DefenseStorm applies to the credit union’s logs. Using the log data, DefenseStorm has created a baseline of normal network activity, so when a desktop operates outside these parameters, the credit union quickly receives notification that, otherwise, would have gone undetected.
In addition to proactive monitoring, DefenseStorm provides access to real-time threat intelligence that allows the credit union to conduct timely forensic analysis. As an example, when a virus ended up on an employee’s desktop, the first thing that Vazquez and his team did was access the DefenseStorm portal to conduct a forensic analysis to determine the path that the infection took.
Given what DefenseStorm has helped Vazquez and his team accomplish, he sees a world without DefenseStorm as an uncomfortable prospect. “We would have to hire probably one to two FTEs to do what DefenseStorm is doing. It would put a lot of pressure on the team for them to actually look at the logs and correlate the data,” believes Vazquez. “I don’t believe we could do in days what DefenseStorm does for us in minutes. It has really made our lives easier and saved the headcount. It provides us with instant notification of items that we need to be aware of that could be impacting our members.”