Following a recommendation from their bank, one of Chicago’s top construction firms now relies upon onShore Security to protect their network against foreign threats and other bad actors. Since working together over the last three years, the firm hasn’t had a single network breach.
Protection Against Foreign Governments
The relationship began with a military contract, according to the firm’s CIO. “We considered ourselves to be a secure business until we picked up a contract with the U.S. military that made us ‘interesting’ to foreign governments. That day, we saw questionable traffic that went from background noise to a deafening level. We knew how to protect against domestic threats but not foreign governments. We needed help beyond malware.
“I turned to friends in banking and asked what they did to make themselves safe, and they turned me onto onShore. I spent some time with the onShore team and immediately recognized that they spoke our language – both on a business level and a technical level. They’re engineers and not salespeople, and became good friends of ours.
“We trust in onShore because they do business with a whole lot of banks, and they have standards that I can’t even imagine – far greater than what I have to reach for.”
Cybersecurity Services Provided
According to the CIO, the company originally hired onShore to do a network security evaluation first. onShore was then hired to provide the following:
- Firewall management
- Managed detection and response (MDR)
- Cybersecurity policy consulting
“onShore offers 24/7 monitoring,” he said. “We couldn’t do this ourselves – all on the perimeter. We know how to look at firewall and logs for suspicious activity, which involves a lot of data analysis, but we’re not looking at 3am. If it’s suspicious activity coming from Russia, China, I need to be woken up, and this has happened. Two years into our relationship, I got a phone call from onShore to let me know they had seen strange network traffic and they shut it down for me. We would’ve otherwise missed that event. onShore gives us visibility.”
onShore now has sensors inside the company’s network to monitor server traffic, server to client traffic, traffic leaving the network, coming back from internet, to-and-from the network using multiprotocol label switching (MPLS),” the CIO said. “Anything coming in or going out this building runs through a sensor.”
Reporting & Growth
The company’s information security engineer, cites onShore’s vigilance and communication.
“onShore does a good job reporting what they’re seeing and blocking. They’re in constant communication. We get alerted when we should look into things like communication with known bad networks or if someone downloaded malware,” he said.
“onShore’s scope of work has grown over time. They do firewall and intrusion detection and monitor and consult with us on perimeter architecture. They’ve expanded our intrusion detection beyond the initial scope to other parts of the business, We’ve also invited them to join our monthly security board, to provide recommendations and advice – like a virtual CISO.”
A Relationship Built on Trust
The relationship is key. “We take a belt and suspenders approach to cybersecurity,” the CIO says. “onShore is the belt and we’re the suspenders. onShore provides a lot of visibility to us with events and network activity. Their reporting includes identified threats and other things that need our attention. onShore points out infected machines. We also scan the network ourselves. They fill in the gaps for us, making us pretty good at identifying risks and eliminating them.
“Our relationship is based on trust. I belong to different peer groups, talk to other construction CIOs, and compare notes, I’m one of the only guys that uses a third-party for security. A lot of other construction companies do cybersecurity in-house. We talk about vulnerabilities and other construction companies don’t get it. They don’t know what a vulnerability management system (VMS) is and don’t know why to use it. We’re doing things others aren’t and onShore coaches us into that position. I think we got a head start.”
“I don’t know what I don’t know,” the CIO continues. “It’s hard to see over horizon. onShore sees what’s coming sooner than I do, which is why I asked them to be part of our security board. They talk about current events, short-range stuff, the long range sometimes. If a new standard comes, onShore will get us ready for it.
“We feel comfortable with onShore, and have very good relationship.”