In the middle of 2021, Rokster was approached by a client that needed help with their OT cybersecurity but didn’t know where to start. This company was based in Latin America and had recently grown through mergers and acquisitions, leaving them with a mess of dissimilar systems and processes that they had to manage across the globe.
In this interview, Dominik Birolin, VP Cybersecurity Services at Rokster, details how his team used the SecurityGate.io platform to rank priorities and create a roadmap for his client to meet their maturity goals. Watch the full video below. For convenience, we included timestamps and a brief summary of what is talked about at each stamp.
(7:19) Assessments Made Easy
After speaking with the client, Dominik went on the search for a platform that would help his team stay organized while performing assessments. Since the company had facilities worldwide, different frameworks would be needed to comply with country-specific requirements, adding even more complexity to the issue.
After partnering with SecurityGate.io, the team at Rokster was able to quickly assess all 108 controls and provide specific recommendations for each one. They also used the reporting from the platform as a leave-behind for their client. This data, along with recommendations from Rokster, gave the company a solid plan for how to integrate their systems with a 4-phased approach.
(9:17) What Rokster Found
Once the assessment was complete, the Rokster team was able to use the reports from the SecurityGate.io platform to provide their client with next steps. “It’s not uncommon for many controls to be missing within organizations of this size and geographic location,” explains Dominik, “Having reports like this helps us to visualize the gaps so that we can remediate [the problems].”
(9:57) Areas of Excellence – What the Client Did Well
As Rokster worked alongside their client, they noticed some things about their cybersecurity program that are worth mentioning for every organization to consider.
First, the client’s team had experienced practitioners in IT and OT operations. With a solid foundation of knowledge, the client’s team was able to quickly catch on with the changes that were needed.
Secondly, the client also had an internal training program for their security practitioners. In the case of this client, there was lots of institutional knowledge that had not been documented in any of their policies but needed to be passed on, nonetheless. Best practice is to document all processes, but internal training should still remain an important part of any cybersecurity team’s operations. As the industry faces a shortage of qualified talent, it’s more important than ever to give new hires a chance to learn more experienced members of their team.
Last, the organization was aligned on cybersecurity strategy all the way to the C-suite level. They already planned and created a strategic budget and had some organizational policies in place to promote a culture of cybersecurity throughout the organization.
(10:42) Opportunities for Improvement
Rokster identified that the company needed to create and document many processes, and update some existing ones. For example, their client did not have an asset inventory, leaving them blind to any potential threats. They also did not have a change management process in place, or a central team to govern all the decisions made across the organization.
(12:12) How SecurityGate.io Helped Their Client
The SecurityGate.io platform provided a roadmap to help Rokster’s client prioritize their time on the most important remediations first.
The organization had many dissimilar systems that needed to blend together into one security architecture. After performing the assessment, Rokster had the data to back up their recommendation for the organization to form a centralized cybersecurity team that would standardize policies and procedures across the board.
Rokster also emphasized the importance of having an asset inventory. This is the most basic and fundamental aspect of cybersecurity management,” Dominik noted. “If you do not have an asset inventory, its’ really hard to understand where your maturity stands and to assess your cyber maturity.
A native integration within the SecurityGate.io platform makes uploading all assets an automatic process. Users can also utilize the platform API to connect any asset inventory they may already have.
Once they have a complete inventory, Rokster recommends conducting a business impact analysis in order to determine the most critical systems. This too can be done within the SecurityGate.io platform, simplifying the entire risk management process.
“Using SecurityGate allowed SME’s to perform the initial assessment but it can also be used over time to provide a snapshot and provide updates to their cybersecurity journey.”
