Managed Detection and Response Helps Protect the Assets of One of the Nation’s Top Coal Suppliers

Business Overview

One of the nation’s top coal suppliers

Challenges

  • Small cybersecurity team with competing priorities
  • Need for non-intrusive method of protecting key executives’ information
  • Critical company data needs to be protected

Results

  • Binary Defense’s Managed Detection & Response (MDR) platform provides protection for all workstations
  • Around-the-clock monitoring, alerting the client to any potential threats or incidents
  • Security analysts act as an extension of the team, providing real-time alerts, reporting and guidance

“The comfort of just knowing that [our] key users’ computers are covered 24x7x365 provided me with a world of relief.” – Security Director at Coal Supplier

The Binary Defense Solution

Binary Defense MDR, SOC

Small remote IT team; large assets to protect

One of the largest coal providers in the US operates surface mines that supply coal to power generation and natural resource companies. As with any supplier that impacts infrastructure, coal providers are vulnerable to cyberattacks that seek to disrupt the supply chain. The corporate office is modestly sized, with 13 employee workstations, eight of which belong to company leadership. However, a large amount of proprietary data is housed on these workstations. It is critical for this organization to protect both its operations and company-sensitive data.

As demonstrated by some recent cyberattacks making national headlines, including the ransomware attack on the Colonial Pipeline gas supplier in early 2021, organizations aren’t fully prepared to defend against cybercrimes. Fortunately, the coal supplier has been a Binary Defense customer since 2018, and their security director has been proactively developing a sound cybersecurity strategy with Binary Defense as a pillar of that strategy.

They trust the technology of Binary Defense Managed Detection & Response (MDR), and the expertise of the Binary Defense Security Operations Task Force. With a small IT staff, this organization needed a provider to act as an extension of their team and provide 24/7/365 protection of their assets.

Other features important to the security director that made Binary Defense a perfect fit for the coal supplier included:

  • Allows his internal team to focus on other security tasks
  • Doesn’t interfere with or slow down individual workstations
  • A team that proactively searches for threats or abnormalities within the network and makes recommendations when issues arise rather than just handing off the information
  • Protects proprietary company information that resides on the network
  • Provides functionality even when employees and executives work remotely

Binary Defense MDR provided seamless protection and peace of mind

When implementing Binary Defense MDR, it took about an hour for the security platform to be installed on every user’s computer and on the servers. Immediately, the Binary Defense Security Operations Center (SOC) cybersecurity experts began to monitor around the clock. Under most conditions, the MDR platform takes up minimal space on a workstation, has zero impact on performance and is invisible to the end user. The software also continues to monitor workstations even when they are not on premises; for example, when an executive is traveling or working remotely.

“The comfort of just knowing that our key users’ computers are covered 24x7x365 provided me with a world of relief,” the security director noted.

Get another cup of coffee

The security director noted that the proactive monitoring done by the Binary Defense team was a huge time-saver for him and the remote IT Team. “The Binary Defense team is able to help with the baselining and proactively scrubbing to help eliminate the false positives in my environment. I can go get another cup of coffee and work on other more important cybersecurity control requirements,” he said. “When an issue is identified, the Binary Defense analysts are notifying me as to the potential problems and their thoughts or risk so it narrows down the potential avenues that I have to review with the remote IT team members.”

False positives in cybersecurity occur when an activity appears to be coming from a malicious source but is actually legitimate. They account for 40% of alerts that a cybersecurity team receives daily and are critical to investigate, as they could be real threats. However, investigating these alerts is extremely time-consuming, especially without dedicated personnel. In one instance, the Binary Defense team passed along a suspicious IP address to the IT team at the coal supplier to investigate. Though they suspected it was a false positive, they took precautions nonetheless. “We blacklisted the IP address. It could have been nothing, but if anything tried to come through, it would have been blocked.”

Serving as a true extension of the security team

The option to chat with a Binary Defense analyst on an as-needed basis to seek guidance and advice on issues has come in handy for the security director, as well. As a small team with other priorities, it’s impossible for them to stay current on all of the latest cybersecurity threats and trends. “They are open with information and that helps. We have updated our incident response plan based on the valuable insight they give us,” he said.

Binary Defense gives the security team at the coal supplier the peace of mind that their proprietary data and individual workstations are being proactively monitored, managed and kept secure. The security director could not be more satisfied with the MDR solution and is a huge proponent of Binary Defense. “When people ask me what type of monitoring I use and why,” he said, “I sing the praises of Binary Defense. They are fantastic!”