Protecting HMG from damaging cyberattacks
The Department is the UK’s biggest public service department, administering services to around 20 million citizens. With 24/7 reliance on its IT infrastructure, the largest network of systems in Europe, protection from cyberattack is a top priority.
Impressed by the experience and specialism of the team.
The security monitoring teams know that there is infrastructure in the Department's cloud environments that they are unable to see. Risk owners have a number of outstanding risks assigned to them regarding information assets in the cloud and the lack of protective monitoring. A strategic security monitoring capability is being developed but will not be implemented for months.
Pionen needed to understand the Department's problem and develop solution requirements to fix it, covering both the functional elements (what the solution would do) and the non-functional elements (how the solution would work with other capabilities). Working collaboratively with the Department's security monitoring and data owners, they developed a set of signed-off business requirements for the solution to meet.
Pionen then worked through their checklist of standard non-functional requirements to determine the technical constraints, and based on this work, Pionen was confident that a set of standard cloud services would meet the needs of the Department.
After assessing available services against the requirements, Pionen compiled a comprehensive compliance matrix with strengths and weaknesses for each service.
A number of native cloud services were selected to quickly gain visibility of all the Department's accounts in Amazon Web Services.
In parallel, Pionen created a communications plan to win the hearts and minds of the account holders, who had been used to monitoring their own infrastructure, and started contacting key stakeholders to introduce the subject of centralised visibility and monitoring.
Capability and solution designs were created and taken through the Department's governance processes. Once approved, the solution was implemented in a week (as is the speed of implementation for native cloud services).
We are very happy with the team's delivery of our projects.
The tactical cloud monitoring solution has been a great success for the Department, offering immediate visibility of some 250 Amazon Web Services accounts within a week of deployment.
The strategic solution is still in the design and governance phase, and therefore the tactical deployment is providing a very important stopgap between the AS-IS and TO-BE solutions.
It provides security monitoring of all 250 accounts through a central security monitoring console, and threat intelligence alerting across all accounts to the security monitoring and ancillary teams. It also includes a forensic investigation tool for incident response and investigation.
The Department is still going ahead with the strategic solution, but in the meantime, the tactical solution is providing valuable insight and learning for input into the strategic solution.