The threat intelligence team were empowered to provide proactive threat intelligence to stakeholders across the C-suite, SecOps, fraud prevention, physical security and more.
The Challenge
A global hotel company with over 5,000 hotels and 200,000+ employees needed timely and actionable threat intelligence to mitigate risk across key areas including their supply chain, employees and executives, websites and mobile apps, customers and customer data, offices and hotel locations.
The hotel and hospitality industry is a frequent target for cyberattacks, including ransomware and DDoS incidents targeting companies, as well as their subsidiaries. Service disruptions caused by these attacks have a direct impact on customer satisfaction, brand reputation and loyalty.
But as one of the sectors most economically impacted by the pandemic, the company’s cyber threat intelligence (CTI) team faced the challenge of safeguarding operations with tighter budgets and reduced resources. The company’s CTI team wanted to provide the highest quality intelligence possible but didn’t have the tools or people they needed to do so quickly and effectively.
The Solution
The hotel company partnered with Silobreaker to streamline their intelligence production cycle, increase efficiency and dramatically improve intelligence quality. The company’s time-consuming, manual tasks and processes – collecting information from numerous sources and spending too much time on manual online searches – have been replaced by Silobreaker’s automatic collection, processing and powerful analytical tools.
With Silobreaker, the company’s threat intelligence team has access to all the key sources of intelligence they need in a single tool – eliminating the need to pivot between multiple platforms. Furthermore, Silobreaker’s collection and tagging features mean that analysts can organise sources in a “way that makes sense to them”, based on their PIRs and internal stakeholders. Automatic alerting means analysts don’t need to manually monitor sources and can spend valuable time on other areas.
Through Silobreaker, the company’s CTI team have been able to establish themselves at the core of the hotel company’s threat intelligence function, equipped to respond to intelligence requirements from a variety of internal stakeholders – vulnerability management, incident response, security operations centre, threat hunting and pentesting, fraud prevention and physical security.
The Outcome
- Improve their defences against botnet attacks through the monitoring of underground discussions and easier facilitate collaboration between the CTI and protection teams to predict when a new wave of botnet attacks may be launched
- Track ransomware attacks against their subsidiaries as well as other hotel chains, enabling them to be the first ones to know and notify their industry peers
- Better identify and prioritise vulnerabilities based on proactive intelligence received from the CTI team