With Conscia Cyber Defense, the auditing firm BDO has gained access to the right security expertise – and a Security Operations Center (SOC) with security monitoring 24/7.
– Conscia’s experts call us in the middle of the night if something happens, says CISO Håkan Skyllberg.
The auditing and consulting company BDO previously handled the security independently and through various suppliers. BDO has now chosen to assemble security and vulnerability monitoring from one supplier – Conscia.
– In addition to living up to our own high-security requirements, many of our customers expect us to have ongoing security monitoring, Security Operations Center, an SOC. It is difficult to manage based on our resources, and it is a challenge to recruit people with the necessary security expertise. This is where Conscia comes in, says Håkan Skyllberg, who is CISO at BDO.
BDO is a global network of auditing firms operating in more than 160 countries. BDO has 18 offices in Sweden with around 800 employees, whose IT Conscia Cyber Defense now protects operations.
– The most important thing for us is, of course, to protect our customers’ information. The entire BDO’s operation depends on trust, which is shown by the fact that the industry is highly regulated with high security requirements, says Håkan.
Security monitoring 24/7
The most critical aspects that BDO gets help with within this SOC Case are 24/7 monitoring, vulnerability scanning and central logging.
Security monitoring 24/7 has been a crucial prerequisite for BDO’s security work.
– We have a limited number of employees in IT, so it did not make sense to handle monitoring 24/7.
– If there had been an attempted intrusion on Saturday night, there was a risk that we would not have known until Monday morning. It’s way too late. Now Conscia calls us in the middle of the night if anything happens. We did not have that ability before.
Vulnerability scanning of all clients and servers is also included in Conscia’s solution.
– It is very concrete, says Christian Källqvist, IT architect at BDO. Some computers or programs may need critical patching.
The necessary measures are prioritized based on the severity of the vulnerabilities.
– We often have a dialogue with Conscia about where we should start to minimize exposure.
The logs were previously distributed in different systems now. They are now collected in one central place, which Conscia handles.
– This means that we can easily perform different types of analyzes when needed, says Håkan.
Customer portal provides transparency
The security solution that BDO has chosen, Conscia Cyber Defense, is based on an established solution adapted to BDO’s needs. Despite the adjustments, it was quick to get started.
– We had said a month, but were up and running after three weeks. It was clear that Conscia has done this many times before. It reassured that Conscia had thought through how and within what time frame an implementation would occur, says Håkan.
– We can easily and securely log in and see what vulnerabilities there are, what attacks and threats are most common or which scams are circulating right now, and what the analysts are working on. Then we can drill deeper to see more precisely what happened. It provides transparency. As CISO, I go in a couple of times a week and check, of course, our system administrators check more often, says Håkan.
Monthly follow-up on security work in a SOC Case
The monthly reports with Conscia have also become an important part of the security work for BDO.
– At our follow-up meetings, we primarily look back and see what has happened in the past month. But we are also looking ahead – what can we do to become even better?
Conscia presents its analysis before the meeting and makes suggestions for improvements discussed at the monthly meeting. Conscia’s SANS GIAC-certified security experts are based in Slovenia, which BDO sees as an advantage.
– They see many different types of attacks and activities because they work with customers from several countries. The experiences from different cultures also make them good at communicating, says Christian.
Conscia in a SOC case – The Night’s Watch in Game of Thrones
For BDO, the collaboration with Conscia is part of a more extensive, continuous information security work.
– Security is not something you finish, cross off and set aside. You need to constantly improve. Not least because there are always new threats, new services and new systems, says Håkan.
– If you imagine a wall around the company, then Conscia sits on our wall and keeps watch. They keep track of the weaknesses in the wall, suggest improvements in the mortar and sound the alarm if anything happens.