IronNet Blog

Executive Commentary, Threat Research, and Analysis from the IronNet team.

Closing the cyber talent gap with Collective Defense

As one midwestern energy company has experienced in recent years, the global cyber talent gap is taking a toll. This IronNet customer relies on its relatively small SOC to carry the cyber torch and meet the energy needs of more than 1.6 million customers. Like most companies with in-house SOCs, it can find recruiting top talent a challenge, which is not surprising, as the number of unfilled cybersecurity positions has surpassed four million worldwide.

With such a lean workforce, it became critical for this company to seek out a strategic way to supplement its in-house team. IronNet’s Collective Defense solution, IronDome, made sense because of its unique ability to automate real-time knowledge sharing and collaboration between and beyond SOCs and sectors for faster threat detection. The customer sees Collective Defense as a strategic differentiator because it allows the company to take advantage of the analysis and expertise of other SOCs in order to identify threats more quickly and reduce potential dwell time.

Extra eyes and expertise

In addition to offering threat sharing in near real time, IronNet is able to extend this customer’s own SOC capabilities with expert threat detection, analysis, and response through its IronDefense Network Detection and Response solution. Based on behavioral analytics, IronDefense detects unknown threats on the network missed by endpoint detection, firewalls, and signature-based detection. IronNet analysts rate threats as malicious, suspicious, or benign, thereby helping the company’s own SOC weed out false positives in the sea of noise that creates typical alert overload. This approach allows the SOC to pivot quickly to response, using its existing SOAR platform.

IronDefense is the only behavioral analytics tool within the customer’s environment. IronNet’s analytics detect “unknown unknown” threats and often also detect misconfigurations or general issues with network hygiene.

Collective threat intelligence at network speed

Just as important as IronDome’s force multiplier approach to cyber defense is its technology for sharing anonymized threat intelligence across the sector and with government agencies if necessary. This customer had been challenged by the slower speed of communications with other threat-sharing models. As a result, it was pleased by its newfound ability to share collective threat intelligence across the sector and, anonymously, with U.S. government agencies at network speed, thanks to IronDome. This customer believes that if any private entity is capable of creating a meaningful way to share anonymized information with the U.S. government, IronNet is best positioned to achieve it. 

With visionary leadership, the company is working to maximize its cybersecurity investments across operating companies and leaning in to innovative approaches such as Collective Defense to stay ahead of the curve.

At IronNet, we believe in a “customer first” approach, whereby we build trusted partnerships with every customer, founded on innovation, collaboration, and customer success. This energy company agrees: “IronNet is truly a partner,” says its SOC chief.

As a result of this trusted partnership, the customer has increased threat visibility, optimized its cybersecurity investments, detected malicious and unexpected threats that would otherwise have gone undetected, and enabled greater collaboration across the energy sector. Indeed, it is a model of seeking out and applying innovative capabilities for the energy sector to strengthen cyber defenses against highly organized and sophisticated cyber adversaries, all while lessening some of the burden on its overloaded SOC.