CASE STUDY
Global Mining Leader Safeguards Data and Human Lives with a 10 Year Security Partnership
The long-standing partnership ensures 24/7 monitoring, incident response, and flexible support to safeguard digital assets and mining crews.
About
Our client is a global mining company with 60,000 employees across 35 countries. They extract and supply crucial metals, such as lithium and copper, which are essential for multiple industries, including clean energy solutions.
Objective
- Ensure business continuity
- Maintain the safety of its mining crew
- Secure its digital assets
Problem
- Difficulty finding and training staff with specialized, security skills
- Costs of expanding in-house security team exceeds value
- Required a flexible partnership to address open-ended issues
Solution
- Partner with a managed security services provider
- Add 24/7 monitoring and incident response capabilities
- Level 1 + 2 analysts, a service delivery manager, and a SOC manager
Results
- Strengthened cybersecurity posture with proactive threat detection and rapid incident response
- Reduced risk to operational technology, ensuring the safety of mining crews.
- Achieved long-term security maturity with continuous monitoring
OBJECTIVE
To Be Nothing Short of Best in Class
This global mining leader has earned their place at the forefront of their industry through strict adherence to regulation and a drive for excellence.
With the bold goal of becoming the best operator in terms of safety, efficiency, and mindfulness, cybersecurity plays a crucial role. The cybersecurity incident response team manager explained, “The more time spent recovering from a security incident means less time spent on becoming the world’s best operator.”
Security incidents were quite common. “In fact, they occur weekly and sometimes daily.” And, the consequences of an attack were more grave than a disruption to business operations. The continued safety of operating teams depends on the security of their digital assets.
Mining has always been a hazardous industry, and operating teams are kept safe by an array of real-time location systems, gas detection and air quality monitoring tools, and other technology solutions. “Failure to secure these assets can lead to a loss of life which is the worst case scenario.”
The mining leader fully recognized the gravity of what is at stake. With the constant threat of security incidents, they set out to build a security function that will protect them as they pursue their goals of excellence.
PROBLEM
Making the Business Case for Security
Improving security was a critical priority, but the costs needed to match the value.
Internally, the global mining leader staffed six experienced cybersecurity professionals. But to establish 24/7 monitoring and incident response, they would need to at least double the size of this team. When calculating the salaries, benefits, and recruiting costs of this expansion, it simply did not make business sense. “That would be quite an expensive endeavor when you compare it to what it costs us to outsource these services,” explained the incident response team manager.
But the mining leader needed more than a service offering. They needed a true partner who could be flexible, learn new tools, and co-solve emergent problems. “With other providers, you get a black box of security. There may be 100 instant responders assigned to our investigations, and we don’t get a chance to discuss the issue with them.”
They needed something more.
SOLUTION
Extending the Internal Team
With an MSSP partnership, the mining leader gained cost-effective access to top technical talent.
The mining leader partnered with SecureOps to serve as an extension of their in-house teams and establish 24/7 monitoring and incident response. “Their dedicated team of experts works around the clock to proactively detect, efficiently respond to, and effectively manage any security incidents that might arise.”
The team includes:
- Five-person Level 1 analyst group
- Dedicated Level 2 analyst
- Part-time service delivery manager
- Part-time dedicated SOC manager
Critical to the success of this partnership is a willingness to adapt and remain vendor-agnostic. “Our tools have changed drastically over the years.” From FireEye, to Trellix, to Microsoft, SecureOps made clear our ability to support their technology infrastructure.
RESULTS
A Flexible Partnership for Maturing Security
For ten years, SecureOps has remained a trusted partner, feeling more like a member of the team than a service provider.
“We sit on the same teams. I meet with them regularly. So they are, for all intents and purposes, an extension of the team.”
This has served the mining leader well. “We’re not getting a robotic person who just clocks in and out and only works on one procedure. They’re willing to share and uplift our security capabilities together.” Instead, they have a name they can call and a voice they recognize. “If we have a critical incident, I can call them up and ask, ‘What do you think? What is your experience here?’”
With the safety of mining crews on the line, the flexibility of the partnership is essential. “Their response is never ‘We’re not contractually bound to do this.’” In many cases, the mining leader does not have exact procedures, so they depend on the open-ended expertise of SecureOps. “SecureOps has picked up incidents that we would not have picked up, because they use their mind creatively instead of just being policy and procedure driven.” It’s only through this true collaboration that ever-evolving security challenges can be solved.
After 10 years, we’re proud to say our partnership remains strong, cost-effective, and valuable. “SecureOps has proven to be the most effective and economically sound strategy, and why they have been our trusted MSSP partner for more than a decade.”
Build a security function that furthers your business goals
SecureOps is ready to join a partnership centered on your needs and ensure the protection of your most critical systems.