The Toshiba Group is dedicated to building technologies that help keep society moving forward. Their commitment to people, the earth, and the future leads them to developing businesses in a wide range of sectors from infrastructure businesses, power generation systems, water and sewage systems and more. Because Toshiba supports such critical infrastructure, it is essential that they secure all Toshiba systems that exist in the cyber and physical worlds.

The need for trust and scalability, despite limited internal resources

To accomplish this, Toshiba places the principle of trustworthiness, as defined by the reliability of a system quality, at the core of their security policy. In order to establish and maintain system trust, Toshiba first looked to McAfee’s Cyber Fusion Center to replace its own Security Operations Center (SOC), and take it from reactive to proactive. This helped Toshiba advance towards their goals of risk-based security management and Zero Trust.

In order to continue to mature in these areas, they knew it was necessary to advance how they monitor and respond to threat intelligence.

“In recent years, the number of cyber attacks on enterprises has been increasing. Toshiba has also received multiple attacks during this time. Since reactive operations have limitations, it was necessary to use proactive security operations.” Takashi Amano, General Manager, Cyber Security Center at Toshiba Corporation

The challenge was that they had limited internal resources to dedicate to security operations. They knew that in order to ensure continuous compliance and prevent breaches they would need a product that could drive operational automation and efficiency. Toshiba knew that they needed security automation support, which McAfee had never implemented in Japan before.

Toshibas Technical Requirements and POC of Swimlane

Although McAfee Security Fusion Center standardized on Swimlane as their security automation solution, it was not a given that Toshiba would follow suit. Instead, Amano, and Kenji Kojima, Director of Security Operation at Toshiba, evaluated SOAR products to determine which was best suited to meet their technical requirements

Kojima was primarily responsible for evaluating SOAR solutions. He evaluated options based on X primary factors:

• Adaptability – their ability to be customized to meet Toshiba’s specific needs

• Integrations – their ability to integrations with external products and services

• Ease of Adoption – how easy it would be to implement and use the product as part of the McAfee Security Fusion center

• Support System – need for support resources and support available

Automating Vulnerability Management

Of these requirements, adaptability was the most important to Toshiba, and this is where Swimlane excelled during the Proof of Concept (POC) process. Vulnerability management is one use case that Toshiba has found tremendous value in Swimlane’s extensible playbooks. Using Swimlane, when a vulnerability is announced, Toshiba is able to report on and aggregate all vulnerability information into one communication to all of the security operations staff at once. As a result, Toshiba has a system of record about the existence of the vulnerability that can be immediately referenced without the need to reach out to the one analyst who was in charge at the time.

Adaptable Incident Response Workflows

From a features and functionality standpoint, Toshiba was impressed by the visualizations and how customizable Swimlane’s dashboards were. Their desk review and POC verified that Swimlane would be able to meet their established incident response workflow all the way from threat detection, to enrichment, through closing out the incident. See how it works in this Incident Response Demo video.

See for yourself

Learn how Swimlane can adapt to, and scale, your security automation processes schedule your own live demo at swimlane.com/demo .

*** This is a Security Bloggers Network syndicated blog from Swimlane (en-US) authored by Katie Bykowski. Read the original post at: https://swimlane.com/blog/toshiba-mcafee-swimlane/