The Disability Trust Impressed by Multiple Benefits from Switch to CrowdStrike
Industry: Not-for-profit
Use case: Managed detection and response (MDR), SIEM (security information and event management) and log management
Key vendors: CrowdStrike
CHALLENGES
- Due to the large volume of detailed client information stored across a number of its sites around Australia, The Disability Trust is particularly concerned with protection against cyber attacks.
- As a not-for-profit, The Disability Trust has limited resources to proactively address threats in a timely manner.
SOLUTIONS
- After implementing CrowdStrike, under the guidance of Sekuro, The Disability Trust has peace of mind that threats are being remediated within minutes, rather than hours.
- The team now has enhanced observability and log management across The Disability Trust cyber estate with CrowdStrike LogScale and Falcon Complete.
- Joining Sekuro’s cyber resilience program to access resources and skills has ensured that The Disability Trust is continually improving its security practices as well as meeting its ISO 27001 and RFFR (Right Fit For Risk) requirements.
The Disability Trust is an NDIS (National Disability Insurance Scheme)-registered and not-for-profit provider of disability services, committed to providing highly professional care and support to people with disabilities and their families.
As the cyber security and infrastructure lead, Dean Smith is in charge of securing 130 sites, 2,000 accounts and 900 full-time staff. With threats increasing and limited security resources on hand, Smith was looking for partners with the right expertise to level up its managed detection and response (MDR) and logging solutions.
CHALLENGE
As a not-for-profit in the disability services sector, The Disability Trust handles a lot of sensitive data, making it a prime target for cyber attacks. Due to the nature of the services it provides, this data also needs to be accessible 24/7 from hundreds of disparate sites. This creates new security challenges with the network perimeter continually expanding as the organisation grows.
The Disability Trust has a relatively small ICT (information and communications technology) team and insufficient infosec resources to operate effectively without external support. This meant the team was spread thin and unable to adequately keep up with the number of alerts coming into the system. Its existing endpoint solution was not providing enough support to the team, and therefore, in 2021, Smith began the process of finding the right cyber security partner.
SOLUTION
After evaluating several solution providers, The Disability Trust chose CrowdStrike due to its superior functionality and competitive pricing. It also needed solutions that would meet its Right Fit For Risk (RFFR) and ISO 27001 requirements. It chose to deploy CrowdStrike Falcon Complete for MDR as well as its Falcon LogScale solution for SIEM (security information and event management) and log management.
With plans to move towards an Extended Detection and Response (XDR) approach in the future, The Disability Trust felt that acquiring CrowdStrike’s Falcon Complete for MDR and LogScale solution rather than an in-house SOC (security operations centre) would serve them better in the long term.
During the LogScale proof of concept, it took less than two weeks to roll out CrowdStrike’s solutions across The Disability Trust’s network.
“Once the project began, it was just days until the platform was ingesting data. Our time to value was only a couple of weeks once the dashboards were up and running,” said Smith.
Before it engaged CrowdStrike, The Disability Trust brought on Sekuro to conduct its RFFR and ISO 27001 accreditation. Because of its existing relationship and extensive knowledge of the business, Smith brought in the Sekuro team to provide support during the scoping and proof-of-value stage.
“The Sekuro team was very helpful, sitting in on meetings to make sure we were asking the right questions of the CrowdStrike team. They provided guidance on things like the must-haves versus like-to-haves for the central dashboard, and really allowed us to make informed decisions,” added Smith.
“The Sekuro team’s support over a number of projects now has played a big part in our success and we would not be in the position we are today without them.”
OUTCOME
The biggest shift for Smith and his team since implementing CrowdStrike has been peace of mind.
“The time to close incidents is far quicker than we could ever do it,” he said.
The heavy lifting is done by the Falcon team, which generally closes tickets within 15 minutes on incidents that had previously taken hours to resolve.
Smith says his team can now “do more with less” by leveraging expertise to augment its capabilities.
As the Falcon Complete team is now the first responder, The Disability Trust only gets involved from a policy point of view for internal purposes. This has removed a big burden from the team, which can now focus on looking ahead towards growth rather than chasing its tail retrospectively addressing threats.
Using the LogScale Complete team, The Disability Trust can ingest new logging sources and have the Complete team rapidly build out monitoring, alerting, and dashboards, freeing the team up to support the business with its day-to-day needs.
The Disability Trust has now also joined Sekuro’s new Cyber Resilience Program (CRP), a subscription-based service offering on-demand cyber security and IT resources to help fill internal talent gaps and build resilience. RFFR and ISO 27001 require ongoing review and annual compliance audits. The CRP would provide The Disability Trust team with the expertise and extra resources to maintain compliance without putting the burden on its own team.
“After implementing CrowdStrike, we can now do so much more with less. The Sekuro team has been supportive and invaluable throughout the process and is a major reason for the project’s success.”
– Dean Smith, Cybersecurity and Infrastructure Lead, The Disability Trust.
Sekuro #clientforlife
At Sekuro, we distinguish ourselves through our strategic approach to cyber security. Our curated suite of cutting-edge technologies is deployed within a robust Zero Trust Strategy, forming the core of our unique offerings. We deliver more than just top-tier security tools; we devise and implement a holistic security strategy that guarantees a secure operating environment for all users and devices, firmly rooted in Zero Trust principles.