“Arctic Wolf gives us multiple layers of protection at all times. This gives our team the peace of mind to know we always have eyes on the lookout for potential risks.”
— John Seaver, Director of Information Technology, DLZ
When it comes to data security, architectural and engineering firm DLZ doesn’t have room for error. Due to its frequent collaboration with federal agencies on a range of vital infrastructure projects—including designing national border walls, courthouses, and federal dams—DLZ is responsible for securely storing hundreds of design documents that carry a controlled unclassified information (CUI) designation.
For this reason, when DLZ’s IT team first noticed suspicious network activity early one Monday, the day a ransomware attack was launched, they acted quickly.
“If some of our designs fell into the wrong hands, it could be trouble,” said John Seaver, the company’s director of information technology. “It’s especially important that we protect our intellectual property and ensure bad actors never gain access to it.”
DLZ’s IT team noticed the ransomware attack quickly enough to shut down the network and stop it from becoming a full-fledged assault. But the unnerving experience was more than enough motivation for Seaver and his team to explore security operations solutions that would help further protect the firm from this type of situation, as well as other potential security risks, in the future.
Finding a managed solution that would help the organization uncover vulnerabilities and immediately alert DLZ’s IT team at the earliest sign of a potential threat was essential. Additionally, the firm sought always-on 24x7 monitoring that would continually track and assess cyberthreats, especially during nights and weekends when the IT team was out of the office. What’s more, DLZ hoped to find a managed detection and response (MDR) tool that would seamlessly integrate with the Mimecast, Zscaler, and CrowdStrike security tools it was already using.
A Partner That Checked All the Boxes
To make sure they made the right decision, Seaver and team exhausted all their options during a nearly four-month-long RFP process. They looked at the pros and cons of several different solutions before they reached out to Arctic Wolf for its security operations expertise. Once they did, it didn’t take long for the team to realize they had finally found an MDR solution that checked all the boxes—Arctic Wolf® Managed Detection and Response—as well as a solution to manage vulnerabilities—Arctic Wolf® Managed Risk.
In addition to meeting DLZ’s need for around-the-clock network security visibility and risk monitoring, Arctic Wolf’s Concierge Security® Team of security experts went above and beyond to help DLZ develop a solution that fit with its unique data workflows and accounted for the specific data protection requirements laid out by NIST SP 800-171 for sensitive federal CUI data.
“It was important to us that we could trust the people behind the technology,” Seaver said. “The Arctic Wolf team really took the time to understand our challenges and help us figure out the specific IT infrastructure we would need to protect ourselves before it was too late.”
A Multilayer Cybersecurity Defense Strategy
When it came time to deploy the new Arctic Wolf Managed Detection and Response solution, the integration process went smoother than Seaver ever could have imagined. From start to finish, Arctic Wolf guided the configuration—seamlessly integrating DLZ’s Mimecast, Zscaler, and CrowdStrike tools to work in sync with Arctic Wolf’s threat detection and remediation capabilities. The final result was a robust, end-to-end cybersecurity solution that included multiple protective layers to keep critical data out of the wrong hands.
“The more eyes we have on potential threats the better—Mimecast and CrowdStrike are watching, our users are watching, we are watching, and now Arctic Wolf is watching as one final line of defense,” Seaver said. “All these layers make us feel confident we are doing all we can to prevent or mitigate ransomware and other threats before they can slip through our defenses.”
“The defense in layers strategy has already paid off, as each of Mimecast, Zscaler, and CrowdStrike have alerted Arctic Wolf to disparate incidents, and I can get a single report that aggregates all this information instead of having to check three different systems and correlate the information myself.”
Now, Seaver and his IT team can better see where their infrastructure might be vulnerable and need patching through the Managed Risk intuitive risk dashboard. And, as an MDR customer, with each potential threat ticket that comes in, DLZ’s IT team receives step-by-step advice on how to validate the threat and neutralize it—while also minimizing its impact on broader organization-wide workflows.
“We used to just shut everything down when a potential threat was observed, but now with Arctic Wolf we have the ability to isolate specific users and focus our attention on smaller segments of our network. It’s a much more sustainable strategy for us,” Seaver said.
Protecting DLZ’s Future
While Seaver and DLZ’s executive team are confident about DLZ’s network security posture today, they are aware that the organization’s risks are always changing—and they want to always be ready for whatever comes. Acquisition is a key growth strategy for DLZ—which means new partner organizations and new employees are constantly being added to and removed from the DLZ network.
“Now, as soon as we make an acquisition, it’s easy to plug in an Arctic Wolf sensor, set up Mimecast, and connect Zscaler and CrowdStrike,” Seaver said. “It gives us comfort knowing we can focus on growing and building our core business without security risks holding us back.”