As a multinational technology powerhouse, Lumen Technologies is one of the most recognized brands enabling companies to leverage emerging applications and the power of the 4th Industrial Revolution (4IR). Lumen combines network assets, cloud connectivity, voice and collaboration tools, and importantly, security solutions into one platform that enables businesses to put their data and next-generation technology to work. In a word: Wow!
For a fast-growing business like Lumen, the need to expand capacity and manpower organically while maintaining the integrity of security operations prompted the organization and its security training director to adopt Security Orchestration, Automation and Response (SOAR) to keep pace with business growth across the entire SecOps infrastructure.
“It’s about delivering to clients a variety of managed security services, managed detection response services, and professional security services,” said Wai Kit Cheah, director of security practices at Lumen Technologies, which maintains and operates two security operations centers (SOCs) in Asia Pacific, of eight global SOCs.
Serving Multiple Client Bases at Scale
With a client base spanning a variety of verticals, from real estate, property management, investment companies, banks, and logistics companies to vehicle distributors, Cheah needed a security automation solution that could scale and adequately address the capacity barriers the team might face along the way.
For Cheah, the selection criteria were very clear: find a solution that is easy to manage, easy to support, and easy to operate, from a partner who can provide the technical support the team needs. Swimlane quickly became the solution of choice.
“Swimlane maximizes the utility of how we can actually automate the response and the enrichment of the events we receive,” Cheah added. With the robustness of Swimlane’s automation engine, events can be processed from any source. This enables the Lumen security team to integrate security automation with user and entity behavior analytics (UEBA), ServiceNow for ticketing, and third-party threat intelligence feeds for enrichment. “It’s a whole ecosystem,” Cheah said.
“It’s very important to keep a holistic view of how you want the ecosystem setup, where Swimlane SOAR integrates across different platforms,” Cheah continues. “We’re thinking about how a particular security event is triggered, how it will flow across the ecosystem, and at what stage Swimlane will be responsible to act.”
Security Automation Results
When Wai Kit Cheah first started the automation project, the key performance indicator (KPI) for his team was to increase the automation level by 10%. For Cheah, the automation level refers to how many of the security events that hit the SOC can be handled completely automatically, without human interference.
The results came quickly. Within the first quarter, the team achieved a 30% level of automation, and after six months, the organization was producing approximately a 50 to 60% level of automation. Today, Cheah and his team have an average 70% level of automation.
“We really surpassed what I started as a KPI, and that was a huge success in my opinion,” Cheah commented. “Swimlane has become an integral core part of our SOC. It’s part and parcel of our SOC operations today, and I would say it’s almost impossible to do without Swimlane.”
*** This is a Security Bloggers Network syndicated blog from Swimlane (en-US) written by Tony Thompson. Read the original post at: https://swimlane.com/blog/lumen-customer-story/