INDUSTRY: Energy
BUSINESS: Lignite (brown coal) mining company based in Germany.
SCOPE: National
SIZE: 2,700 employees
BUSINESS CHALLENGE: To help keep critical operational systems secure, MIBRAG wanted a unified overview of IT assets and vulnerability management.
SOLUTION:
WHY THEY CHOSE QUALYS:
MIBRAG is a modern coal mining company based in Zeitz, Germany. It produces up to 20 million tonnes of raw lignite annually, providing clients across central Germany with a reliable energy source to power and heat homes and businesses. The MIBRAG Group employs approximately 2,700 people.
To ensure continuous energy supplies for its clients’ large-scale power and heat plants, MIBRAG as a raw-material supplier must keep its mining operations running without disruption. With cyber security threats evolving all the time, the company wanted to do more to keep operations protected.
Gerald Espenhain, IT Security Officer at MIBRAG, begins: “We are very conscious of the environment and have invested over EUR 1.4 billion since 1994 into cutting-edge technology and environment protection. By doing so, we can make our production processes as efficient as possible and reduce emissions. Nonetheless, we are aware that we are a potential target for environmental campaign groups and so-called ‘hacktivists’ eager to promote their political agenda.
"Keeping our systems secure from external threats is a top priority – and also a constant challenge. With more and more of our IT systems communicating over the Internet and supporting tightly integrated business processes in a dynamic energy market, we need to be extremely vigilant to ensure that critical systems stay online. Even just a few hours of downtime would have a severe impact on the business. And because the cyber security landscape is always changing, we really need to be on our toes."
In the past, MIBRAG used a range of different systems and relied heavily on annual penetration testing conducted by various service providers. Gerald Espenhain comments: "We found that running periodic penetration tests was no longer sufficient. There are always new threats coming through and with so many of our systems now facing the Internet, we wanted to monitor and manage vulnerabilities more effectively to strengthen our IT security."
Enterprise TruRisk Platform is at the heart of our security strategy. Being able to log into the Enterprise TruRisk Platform from any device, at any time and get a unified overview of our IT environment is invaluable. With the Qualys solutions, we know we can keep operational systems safe and secure – and help keep power supplies flowing.
MIBRAG relies on the Enterprise TruRisk Platform to deliver a continuous, comprehensive view of its IT systems.
"What initially attracted us to the Enterprise TruRisk Platform was its simplicity," recalls Gerald Espenhain. "It was refreshingly easy to test the Qualys solutions over a trial period. And after we had successfully evaluated the solutions, the actual deployment was very straightforward."
photo by Rainer Weisflog
The company worked with technology partner yourIT to replace its existing tools with Qualys Vulnerability Management (VM), Qualys Web Application Scanning (WAS) and Qualys Malware Detection (MD).
Gerald Espenhain comments: "Excellent support from yourIT ensured that the deployment went smoothly. They also provided in-depth training to make sure we were all up to speed and able to get the most out of the Enterprise TruRisk Platform. Over the years, yourIT has proven itself to be a highly valuable partner for us. We know we can always reach out to them if we ever have any questions."
Today, MIBRAG uses Qualys VM to scan its entire network, including its mission-critical Windows servers, for vulnerabilities. Results are displayed in a single executive dashboard, giving the IT security team a central, at-a-glance overview of all vulnerabilities and potential cyber security risks.
"The Qualys VM reports are highly detailed and we really like the fact that vulnerabilities are automatically ranked according to their severity," says Gerald Espenhain. "This level of insight means that we are now able rapidly and intelligently assess the threat to our network and then prioritise the most critical issues. We can now deal with the most urgent vulnerabilities more rapidly, helping us to lower the risk of any potential security breaches."
Furthermore, the company uses Qualys WAS to scan its web applications for vulnerabilities, and Qualys MD to detect malware, ransomware and other external threats.
Gerald Espenhain notes: "There has been a sharp increase in ransomware attacks, such as the recent WannaCry incident that made headlines. Knowing that our systems and web applications are continuously scanned and monitored for vulnerabilities and malware gives us confidence that we can react rapidly if needed."
With regular vulnerability and malware scans, the Enterprise TruRisk Platform is helping MIBRAG to keep its core business systems protected – while saving time and effort for the IT security team. With a number of systems managed by external partners, sharing a common understanding and standard documentation helps make sure everyone is on the same page. Both sides benefit from the reports, as they also confirm that patches have been deployed successfully.
photo by Rainer Weisflog
Using Enterprise TruRisk Platform, MIBRAG has streamlined its internal security auditing processes. Today, every new application is scanned before being signed off for production deployment. Gerald Espenhain says: "Our goal is to minimise the attack surface across all applications. In the past, we sometimes had debates with vendors about security policies, open ports and details like that – Qualys WAS has proven to be a powerful tool to ensure all vendors take security as seriously as we do. Having an independent report during the implementation really helps to get the point across and has boosted security levels for new deployments. This approach has also helped us streamline procurement, since we now have hard figures about security that we can take into account when evaluating competitive offerings."
"Another advantage of the Enterprise TruRisk Platform is that we don’t need to do any kind of maintenance," says Gerald Espenhain. "The scans run automatically and are always up to date with the latest technology. We can be sure that new vulnerabilities will be uncovered rapidly. This increased level of security also helps, for example, to reduce insurance costs and align our processes with the ISO 27001 IT security standard, making it much easier to get a certification, should we need one."
yourIT itself is one of the first ISO 27001-certified companies and security providers, and was therefore the perfect partner for MIBRAG in their quest to meet the high requirements of ISO 27001, especially point A.12.6.1, which deals with the management of vulnerabilities. By providing a high level of expertise in this field, yourIT can help MIBRAG meet the security standards as well.
By working with yourIT to harden its systems and by replacing external penetration testing with the Enterprise TruRisk Platform, MIBRAG has simplified IT security processes and cut costs – enabling the company to invest more in business continuity procedures to keep the lights on.
Gerald Espenhain concludes: "Enterprise TruRisk Platform is at the heart of our security strategy. Being able to log into the Enterprise TruRisk Platform from any device, at any time and get a unified overview of our IT environment is invaluable. With the Qualys solutions, we know we can keep operational systems safe and secure – and help keep power supplies flowing."