Shannon Lawson, CISO for the City of Phoenix, and Geoffrey Coulehan, Head of Sales for MixMode recently joined forces for a fireside chat at the Evanta CISO Summit in Phoenix, AZ. Lawson and Coulehan have been partnering together for almost three years to transform the City’s cybersecurity initiatives and Security Operations Center (SOC).
The nation’s largest Financial Services providers are a favorite target for nation-state sponsored and coordinated cyber-attacks. Despite significantly more financial and resource investment in cybersecurity than any other industry, critical infrastructure breaches and novel attacks remain a daily occurrence.
MixMode’s Head of Sales and Alliances, Geoff Coulehan, shares how MixMode was able to identify critical risk factors coming from inside bad actors that had gone undetected by a large U.S. city’s SIEM and UBA platforms despite their multi-year deployments and their decision to decommission their User Behavior Analytics (UBA) platform.
Within the first 24 hours after deployment, MixMode had enabled the government entity to regain control over the security environment and network data infrastructure. No longer limited to log data analysis, they were able to identify and address real-time threats as well as network and operational configuration challenges.
A large utility company approached MixMode with the following scenario: The enterprise SOC was utilizing a shared SIEM application that was being utilized by several stakeholders: the networking team, the SCADA team, the dev-ops team, the compliance team and cybersecurity teams for “basic search and investigation of log files to meet regulatory compliance requirements”.
After suffering a possible breach, a client approached the team at Nisos for help evaluating the security of their AWS environment. The client was concerned about possible malicious activity on the part of a former employee who had maintained an AWS Identity and Access Management (IAM) account after being separated.