Skip to main content

A recipe for greater cyber confidence

Food service company orders up detect and respond solution as a service

Lightning can strike twice—and sometimes simultaneously. A large US food service company with hundreds of locations had been hit by two simultaneous ransomware attacks. The company needed a solution, and they turned to Managed Extended Detection & Response (MXDR) by Deloitte for the answer.

Download the pdf

The starting point

The call came in on a Saturday night. A large US food service company with hundreds of locations had been hit by ransomware, bringing critical back-office operations to a halt. Functions such as payroll—a vital activity for the privately held organization and its thousands of hourly employees—were thrown into chaos. Leaders needed a solution now.

On the other end of the phone line—Deloitte, whose team of incident response professionals stepped in immediately. The team got the organization back to normal operations, quickly mitigating issues, establishing a recovery plan, and bringing a renewed sense of calm to the organization.

Within a matter of days, the organization was running smoothly again, but its leaders wanted more. They wanted to prevent such a disruption from happening again—and to do it in a way that did not require the company to invest heavily in internal cyber capabilities and tools. Instead, an “always on” turnkey solution—continuously managed by someone else— sounded ideal.

Factors in Focus

 

  • A need to ensure business continuity amid ongoing cyber threats
  • A desire to rely on external operate services as a solution, rather than internal talent and tools
  • A focus on positioning the business to address future needs, not just a onetime disruption

The way forward

The company believed that Managed Extended Detection & Response (MXDR) by Deloitte could meet all the requirements, letting the business take advantage of managed cybersecurity services and a fully Software-as-a-Service (SaaS)-based approach to incident management. MXDR by Deloitte provides a modular set of third party, market-leading technologies for threat hunting, detection, response, and remediation, which is combined with proven processes run by an experienced cybersecurity team who proactively pursues threats and mitigates business risks.

With the majority of cyber solutions existing in a Deloitte-managed cloud environment, MXDR by Deloitte would let the company avoid creating a new security operations center, investing in on-premises solutions, or acquiring in-house cyber talent. Instead, the company could focus more on its core business, handing off responsibilities for incident detection and response capabilities to Deloitte.

Before adopting MXDR by Deloitte, company leaders wanted to know if they could leverage their recent investment in cybersecurity solutions. In asking the question, they discovered that their existing solution was less mature in its detect and respond capabilities and ranked low in analysts’ ratings. They decided to accept that their existing tool was a “sunk cost” and to move forward with MXDR by Deloitte—selecting the solution based on its superior risk mitigation functionality and ability to help keep company operations running despite ongoing cyber threats.

In addition to endpoint protection, MXDR by Deloitte is providing the company with proactive threat hunting, 24×7×365 monitoring, and response and remediation—all through an integrated suite of cloud SaaS offerings managed by Deloitte specialists in cyber threat intelligence, security engineering, and operations. The solution was delivered and managed by Deloitte as both an innovation and an outcomes-based “Operate” service.

The new solution, which was deployed in a matter of days, also provides flexibility and scalability through a modular, cloud-native approach, which can expand to include insider threat, cloud security, and identity capabilities.

With a single integrated set of leading cyber technologies—provided turnkey and as a managed Operate service—the organization has boosted its cyber resiliency and confidence, with an improved ability to prevent and recover from business-disruptive events. Moreover, it better positions the company to embed continuous advantage and address future needs, including new cyber demands or business expansions.

The achievements

Let’s talk cyber

Did you find this useful?

Thanks for your feedback

If you would like to help improve Deloitte.com further, please complete a 3-minute survey