Detection & Response, Securely Managed.

Learn how Orro helped a QLD Government Agency address critical components across visibility and response time for their Security Improvement Program.

Government Managed Security Services

Challenge

Orro was engaged by a QLD Government Agency to address a key component of their Security Improvement Program being the visibility and response of security incidents. With previous proof-of-concepts around Security Information and Event Management (SIEM) systems and inquiries into Security Operations Centres (SOC), the Department was seeking to improve their security maturity level in line with the ASD Essential 8 and State Government compliance standards.

As is with the consideration of most tools and technology, a big factor was the methods for managing disparate cyber security solutions and a clear strategy to mitigate risks. With the continued proliferation of computer connectivity and the already constrained operational resources, the potential impact of failing to identify and remediate cyber security threats introduced significant risk to the organisation’s operations.

Three options evolved being; build internally, outsource to a SOC or consider a local managed visibility and response service that could assist the Department in a continual improvement process whilst ensuring agility and flexibility.  Through a consultative and finally a tender process, the decision was therefore made on the latter, being a Managed SIEM and Threat Intelligence service, together with Vulnerability Management-as-a-Service and Incident Response.

Solution

Through a number of workshops and consultative engagements, Orro stood up a paid pilot over a 4-month period that specially tested a number of use-cases that were aligned contextually to the Department.  Not only were they able to experience the service first hand before entering into a contract, the Department ran due diligence across the service creating and testing a number of play books. Success criteria was also built into the pilot to ensure that the service met the business case objectives.

Via our Security Centre, we now provide support either as or for their operational teams through our tools, partners, and expert local resources. The Security Centre is a Brisbane based operation that provides managed SIEM and threat intelligence services along with Vulnerability Management-as-a-Service and an Incident Response capability with SLA’s. Our security operators have direct access to state-of-the-art threat information and intelligence which it applies to the Department’s logging and alert feeds of specific equipment to provide contextual information.

Outcome

This engagement met and exceeded the Department’s expectations with a logical and pro-active approach to security operations. IT assets are now visible and centrally managed to address security threats. Orro’s managed security services provides a view of the cyber threat landscape relevant to the Department’s IT environment, delivering information necessary to measure the true maturity of the investment in people, process, and technology, and to enable them to comprehend their cyber security risks.

The customer name has been withheld due to confidentiality. More information can be provided by contacting Orro directly.

Related Resources

Fenner
10 February 2022
Fenner Conveyors, a Michelin Group company, is an Australian specialist manufacturer that chose Orro to replace the company’s ageing MPLS network with SD-WAN.
16 February 2022
The Finite Group is a leading provider of diverse IT solutions in Australia and New Zealand. Founded in 1998 to offer specialist IT recruitment expertise and people-based services, the Group later expanded in 2003 to offer IT Professional services. 
23 February 2022
Our client is an award winning Australian Financial Services Client with an Australian and International presence with a focus on consumer lending and asset servicing. This client has offices in Australia, New Zealand, Asia and Europe.