Leading Malaysian Developer UDA Holdings Zeroes in on Threats With
Leading Malaysian developer UDA Holdings zeroes in on threats with LogRhythm

Organization
UDA Holdings Berhad

Employees
Between 1,000 and 1,200

Key Impacts
• Achieved full security visibility into entire IT infrastructure
• Strengthened regulatory security and ISO 27001:2013 certification application process
• Maximized limited resources through improved incident response workflows
• Mitigation and detection times were vastly improved, from days to minutes

Overseen by the Ministry of Entrepreneur Development and Cooperatives (MEDAC) of Malaysia, the Urban Development Authority (UDA) is a property developer that manages and operates real estate as well as provides services for housing, lifestyle, retail, and hospitality sectors. Renowned as one of the top ten property developers in the market, UDA has played an instrumental role in the development of Selangor, Kuala Lumpur, Penang, Johor, and more. To improve the developer’s overall security posture and gain visibility into its extended IT landscape, UDA has chosen LogRhythm NextGen SIEM Platform.

The Business Challenge

BLIND SPOTS IN CYBERSECURITY

As a company that is responsible for many governmental, commercial, and residential property development projects throughout Malaysia, it is imperative for UDA to ensure that their data, clients’ information, and assets are well protected. However, not only did the cybersecurity team lack the resources, they also lacked the experience and expertise to adequately handle the volume and complexity of both external and internal threats to UDA. In other words, the team had been unnecessarily spending a substantial amount of time and resources manually detecting threats, which include DDoS, ransomware, brute force, and phishing attacks.

Additionally, this manual detection — in the blind — also meant that it was harder to differentiate between real threats and false positives, resulting in a huge impediment to their ability to respond and remediate cyberthreats in the shortest possible time. Eventually, their ability to satisfy compliance regulations was also impacted.

Consequently, the team realized that they needed a security information event management (SIEM) solution that could enhance and centralize visibility, detect advanced threats, and respond to incidents effectively around the clock.

“As we handle sensitive customer data, we are faced with the challenge of addressing the ever-growing burden of IT compliance and ensuring that it’s sustainable for the company. As such, we believe it was time and necessary to rethink our compliance strategy such that efforts continue to serve the company’s wider strategic objectives. Since partnering with LogRhythm, we have not only streamlined our regulatory and IT compliance processes, but also become more effective in meeting IT requirements. Without compromising on man-hours or productivity, our team has reported enhanced efficiency and lower levels of errors.”

Norli Shariffuddin
UDA Holdings Group Information Technology Division (GITD)
Assistant Vice President 1 – IT Compliance Manager

The Solution

FULL VISIBILITY

Following an evaluation of cybersecurity vendors, UDA selected LogRhythm for its ease of deployment and use, user interface, and out-of-the-box content for threat detection and compliance. Recognized for its leader’s position in the Gartner SIEM Magic Quadrant, LogRhythm also surpassed its competitors in terms of scalability, cost-effectiveness, and customer-focused support system that enabled the UDA team to hit the ground running quickly. In fact, it only took an hour for UDA’s IT engineers to understand and familiarise with LogRhythm’s dashboard, which did not require any advanced scripting skills in order to manage it.

Since working with LogRhythm, UDA has gained full visibility into their network and system — of internal and external threats — enabled by threat intelligence. Their efficiency and accuracy have also increased, as they were able to dial back on addressing false positives, and instead focus on real threats that were of high priority.

REDUCED DETECTION AND RESPONSE TIMES

Given the vast landscape of data and information UDA holds, the large organization needs to ensure that they can identify threats attempting to hide within that maze of information swiftly. With LogRhythm’s RespondX, UDA was able to streamline the investigation and mitigation of threats by coordinating and automating as many steps in the response workflow as possible. This means greater efficiency and speed in detecting and responding to anomalous activity, thus minimizing damage to the business.

Coupled with having full visibility on the origin of attacks and security environment, the UDA team found additional value in the platform, which served as the central repository for all associated evidence and case management. This immensely helped the UDA team’s time management on tracking and remediating cases, as they were able to view a real-time news feed of all completed actions associated with a timestamp for each case. In fact, by aligning their processes with LogRhythm NextGen SIEM, the team was able to cut down on mean time to detect and response times from between 48 and 72 hours to just under 30 minutes.

ORCHESTRATING WORKFLOWS INTELLIGENTLY AND SWIFTLY

The adoption of LogRhythm’s NextGen SIEM solution has strengthened UDA’s ISO 27001:2013 certification application, which is now in process. It covers various areas in incident response and information integrity through a unified hub orchestrating workflow. The positive results and achievements with LogRhythm have led to UDA placing the platform at the center of its security IT universe, with the IT team looking at closer collaboration efforts for a 24/7 Security Operations Centre (SOC) and the possible inclusion of cloud deployment.

“We’ve adapted extremely well to LogRhythm NextGen SIEM solution and were able to pinpoint specific threat actors. Going on board with the solution was a breeze for our team members, who all had general cybersecurity expertise. Since working with LogRhythm, we have been able to rapidly identify behavioral anomalies and significantly accelerate threat mitigation, thereby reducing mean time to detect (MTTD) and mean time to respond (MTTR). The ease of use with LogRhythm NextGen SIEM Platform has led to our Application Support Team gaining more interest in Security Operations Center (SOC) and proactively honing their skills as part of their career development. Following our success with LogRhythm, we will be looking at securing the cloud and automating processes to raise our security posture to the next level.”

Abdul Yamin Ab Ghani
UDA Holdings Group
Assistant Vice President 3
Head of Information Technology Infrastructure

www.logrhythm.com
©2020 LogRhythm Inc. | CS1420_Jun20.