Ambition
As industrial equipment becomes more connected and sophisticated, security and maintenance become more complex. Businesses need visibility throughout their operations and assets, and the ability to address incidents — from malfunctions to security breaches — before they escalate into major disruptions.
A major international shipping company based in the US recognized the importance of these capabilities and partnered with Wipro for help enhancing observability and monitoring services throughout its operational technology (OT) infrastructure.
Although the company had OT IDS monitoring systems in place, managing those systems across more than 290 sites was a resource-intensive task. The company wanted a professional OT security monitoring team that could manage observability services full time while identifying ways to improve reporting between facilities and the IT teams. It tasked Wipro with leveraging existing security data analytics platforms to build OT-specific smart alerts (use cases) that would enhance security detection capabilities.
Action
On the existing Armis monitoring platform, Wipro created new dashboards to provide a more granular view of OT assets, surface potential vulnerabilities, and increase visibility throughout the network based on the client’s business requirements. The Wipro team implemented custom network IDS policies to improve anomaly detection across critical OT assets and created workarounds for legacy assets that were too expensive to replace but required security updates. These workarounds allowed the client to implement protection mechanisms without sacrificing operational efficiency.
Wipro also established a standard operating procedure for how to respond to cyberattacks within the OT network and instituted regular check-ins with plant managers, IT teams, and OEMs to enhance communication and incident response.
Wipro worked with the client to develop OT-specific use cases based on performance data and business priorities. These use cases correlate multiple security solutions deployed in the client’s OT infrastructure and enhance detection capabilities — for example, by integrating OT security log sources into the existing data analytics platform.
Wipro’s approach enabled the team to improve communication between facilities and IT departments without sacrificing security. For example, the Wipro team created storytelling profiles for each OT source actor, adding context to the data to reduce the noise and minimize false positives. By identifying expected behaviors or patterns from specific sources, the profiles allow monitoring teams to easily screen incidents, separating potential false alarms from real ones so they can better manage responses.
Finally, Wipro employed certified OT security specialists to oversee the OT monitoring and observability program, ensuring that the client has continuous access to seasoned professionals.
Ambitions Realized
The company started with a solid foundation of data analytics and OT security monitoring capabilities. By building on those capabilities throughout this project, the company was able to make great strides and accelerate returns on investment.
New dashboards enhanced the performance of an existing platform, providing deeper insights including asset and network security assessments and operational statistics. These insights, combined with real-time reporting and improved OT monitoring, have enabled the company to be more proactive in its risk mitigation. By identifying anomalies and potential security risks before they disrupt operations, teams can take preventative action, strengthening the company’s security posture and improving performance.
The client has reported a 97% reduction in false positive alerts since Wipro’s adjustments. The combination of new use cases and strategic workarounds deployed across its OT network has increased visibility and control while adding a critical layer of protection. Detailed visibility into the mix of OT/IoT/IT systems and complex networks with high volumes of traffic has enhanced cybersecurity, enabling the company to better identify risks and take corrective action faster.