The History: The Fayetteville Public Works Commission (FAYPWC) provides municipal water, power, and sewer services to over 120,000 people in North Carolina. As the public utility sector faces increasing cyberattack threats, FAYPWC needed to establish a robust, multi-layered security posture that protected its operating technology from compromise.
Like many public utility providers, FAYPWC did not have its own security operations center in place when they contacted Lumifi. When high-profile ransomware attacks on utility providers started making headlines, the organization’s leadership decided to build its SOC capabilities. However, building and deploying an in-house SOC would be prohibitively expensive, requiring the organization to pass on costs to customers.
FAYPWC contacted Lumifi to develop and implement an SOC-as-a-service solution that would act as an extension of the organization’s existing IT team.
The utility provider needed to mitigate highly advanced threats while leveraging SIEM expertise on an ongoing basis. It needed to accomplish these tasks in a stakeholder-friendly, cost-effective way.
SIEM technology granted the team deep insight into security events impacting the organization while supporting powerful third-party integrations to serve its unique security risk profile. The SIEMs favorable pricing structure helped keep overall costs low.
The Challenge — OT Security Demands Additional Layers and Features: SIEM solutions provided FAYPWC with a cost-effective solution to monitoring a wide range of data-generating log sources throughout its IT infrastructure. However, the organization still wanted to close the security gaps around its operating technology. For a public utility provider like FAYPWC, effective multi-layered security means bridging IT and OT infrastructure together.
The organization needed a SIEM platform capable of performing in-depth analysis of user behaviors across its entire network. The platform needed to catch advanced persistent threats as well as credential based attacked and malicious insiders. SIEM platform that captures and collects log data from every user and asset on the network. This makes it the ideal choice for complex IT/OT environments where small, barely noticeable configuration changes can dramatically impact operational security.
SIEM key features made it the best choice for FAYPWC’s security risk profile:
SIEM Expertise Paves the Way to Operational Security Excellence: Lumifi played a vital role transforming FAYPWC’s security infrastructure and enabling it to consistently detect sophisticated attacks throughout its network. Our SIEM specialists helped the utility provider implement SIEM solutions, enabling high-performance security at a fraction of the cost of building out its in-house SOC capabilities.
FAYPWC was looking to build a relationship with a trustworthy security partner who could help it close its security gaps. Lumifi’s commitment to unlimited visibility and collaborative security helped identify those gaps and implement solutions that address them effectively.
Lumifi’s SIEM expertise helped FAYPWC develop a model that represents normal user behavior throughout the FAYPWC network. This model serves as a valuable point of reference for monitoring real-time user behaviors and assessing the risk of insider threats and credential based attacks.
As an extension of FAYPWC’s security operations center, Lumifi provides 24×7 managed detection and response services with customized rules, reports, and dashboards delivered through the SIEM platform.
The Results:
