Case Study
Global insurance company cuts cybersecurity OpEx 40% by transforming SecOps with cloud-native security solution
OUR CLIENT
Our client is one of the largest financial services companies in the world. The company has evolved to keep pace with customer demands for comprehensive products and services to serve individuals, businesses, and assets. The company employs over 100,000 people and serves tens of millions of customers globally.
THE CHALLENGE
Seeking strategic cybersecurity partner with robust, innovative capabilities
The financial services company wanted to enhance protection for its business operations by transforming cybersecurity practices and implementing a next-generation security operations center (SOC). With a complex operational landscape of over 600 business entities, spanning a large number of subsidiaries across multiple countries and a workforce of more than 100,000 personnel, the company required a security solution that could adapt to its extensive and diverse business.
The company sought a partner with extensive, innovative cybersecurity capabilities beyond what a traditional managed security services provider (MSSP) could offer. The core objectives for selecting a cybersecurity partner were:
- A holistic, risk-based approach—that focuses on overall business risks rather than isolated security measures
- Orchestration and automation integrations—critical capabilities that can enhance efficiencies and incident response times, especially across a wide range of vendor tools
- A hybrid delivery model—with a high-touch, collaborative approach to seamlessly support ongoing operations
- A forward-thinking outlook and a diverse skillset—that could scale to meet evolving security operations needs with an eye toward innovative, emerging technologies
- Streamlined SOC processes—offering efficient, repeatable procedures that can improve overall cybersecurity services
- Expert-level experience with cloud-native security information and event management (SIEM) platforms—that can easily integrate with existing technologies and adapt to future requirements
- Threat mitigation capabilities across multi-cloud environments—since the company was on a journey to adopt different cloud environments based on the specific needs of its varied business entities
THE TRANSFORMATION
Comprehensive cloud-native cybersecurity services
CyberProof, a UST company, delivered a future-proof, cloud-native security monitoring solution designed to meet the financial services company’s global, dynamic requirements while maximizing existing security investments. Key elements of the solution included:
- Scalable cloud-native security monitoring—We deployed a cloud-native security platform that adapts to the unique requirements of the company’s business entities. The solution integrates with existing security environments and infrastructure as a service (IaaS) models.
- Comprehensive visibility across a range of environments—The infrastructure was built to enhance visibility across all of the company’s environments—on-premises, cloud, and SaaS—offering a holistic security perspective to manage potential risks and threats.
- Multi-cloud threat detection—CyberProof created custom integrations to existing SOC tooling fused with threat hunting and threat intelligence capabilities that provided better visibility for the company’s diverse cloud environments.
- A hybrid engagement model—We deployed the CyberProof Defense Center (CDC) platform, which enabled real-time collaboration and communication using ChatOps, to improve efficiency and response times while fostering a transparent relationship between the company and our team.
- Enhanced cyber defense capabilities—CyberProof operationalized advanced cyber defense measures, including threat hunting, threat intelligence, vulnerability management, and cyber deception. These capabilities allowed the company to proactively identify, assess, and respond to threats before they could disrupt operations.
- Multi-tool orchestration—By deploying security orchestration automation and remediation (SOAR) services, the company could better manage a myriad of security tools from different vendors across geographic regions and business entities.
- Use Case Management—We introduced a threat-centric, risk-based approach to developing detection and response use cases, known as Use Case Management. This approach ensures that the security strategy aligns with real-world threats and maps to the MITRE ATT&CK® framework, a globally accessible knowledge base of real-world adversarial tactics and techniques, to continuously improve detection and response processes.
- Optimized data collection and cost efficiency—CyberProof designed an optimized data collection architecture, significantly reducing data ingestion costs by leveraging a log collection platform. This innovative approach ensured the company could manage large volumes of data efficiently without incurring excessive costs.
THE IMPACT
Scalable, cloud-native solution hardens global financial services company’s security posture
Our cloud-native approach reduced operating costs by 40%. It provided the scalability the company needed—scaling up from three to nine TBs of monitored data in six months—enabling it to maintain robust security operations across its vast global network.
According to the company’s Head of Cyber Defense, “This is probably the biggest Sentinel deployment in the world right now. CyberProof’s highly experienced engineering team built a scalable, cloud-native solution delivered through their CDC platform, providing us with a transparent and collaborative hybrid SOC environment.”
This partnership positioned the company at the forefront of cybersecurity innovation in the financial sector, ensuring that it remains resilient against an evolving threat landscape.