Case Study Project Services

Securing the future on Azure

Major international airline, Middle East

In brief

Challenge

  • Lack of understanding maturity level of security processes in case of a major cyber-attack
  • No clarity whether all infrastructure and application security patches were being implemented systematically
  • Multiple vendors for different security solutions made it impossible to manage centrally
  • No security roadmap in place

Solution

  • Comprehensive Cybersecurity assessment delivered covering all inventory and software deployment data
  • Cybersecurity Controls roadmap based on CIS’s (Center for Internet Security) global standards
  • Microsoft security solution identified which was already licenced but not implemented
  • Consolidation of applications and systems with current versions to ensure all software is fully supported with centralised security patches
  • Security patches were mapped for vulnerabilities

Background

Our customer was one of the first commercial airlines established in the Middle East.Today, it is a major international carrier serving 42 cities in 25 countries and spanning three continents.

Challenge

Their business manages a large IT infrastructure and cybersecurityis mission critical to the success of the IT operation and the business in general. They wanted to understand the maturity level of its cybersecurity policies and procedures as well as potentially improve its readiness to counter the rising threat of cyber-attack.

The airline was using a range of software vendors for different security solutions to protect over 1400 software products and associated versions, they wanted to understand if they could increase their security coverage by focusing on a Microsoft solution. They were also concerned that a lack of visibility of their software estate meant not all their client applications were being updated with current security patches.

Solution

Halian and Microsoft delivered an extensive Cybersecurity Assessment covering inventory and software deployments data and Cybersecurity Controls mapping based on CIS’s (Center for Internet Security) global standards. This meant that deployment details for operating systems and software applications were analysed for support coverage and security patches were mapped for vulnerabilities. CIS’s Security Controls (CSC) were mapped in an interview with key IT stakeholders covering all 20 CSC Controls with 146 different questions.

Outcome

Our customer has received a comprehensive report with the maturity level of their existing cybersecurity policies and procedures, including a comprehensive roadmap on how to improve their maturity level in the near term. They are using the recommendations and roadmap to implement solutions from Microsoft that were already under license but still had not been deployed due to a lack of visibility – a near zero cost win for the airline. Tactical recommendations to replace old and unsupported applications and operating systems with more recent versions have been taken up and fully supported security patched regularly applied.

“Halian helped us to get a better understanding of where we are vulnerable and where we can enhance our maturity level on Cybersecurity with a few minor adjustments. We have managed to remove certain high-lighted vulnerabilities in our network that has dramatically increased our maturity level and we have changed our processes based on the recommendations that were shared. Eventually I am sure that we will continue this kind of procedures on a recurring basis to constantly ensure that we are ahead of the game when it comes to Cybersecurity.”

Manager IT Technical Services