Hello Security Ninjas,
I don’t know about you, but I seem to spend a lot of my spare time doing DIY. It’s a massive market, with multiple retailers competing to ensure that not only DIY-ers like me, but large building firms working on projects of all sizes choose them for their supplies.
Travis Perkins PLC is one such business and is the largest building materials supplier in the UK. In such a competitive marketplace, the organization decided that IT could be a key differentiator and adopted a ‘Cloud-First’ approach to all areas, including security. This has meant that the business has begun the challenge of moving applications and workloads to the Cloud, resulting in a complex hybrid environment that needs to be monitored for potential threats.
To tackle this challenge, Travis Perkins PLC uses Splunk Enterprise Security deployed on Splunk Cloud as its SIEM, taking a ‘lean security operations center (SOC)’ approach. The security team works hand in hand with IT Operations to respond quickly to the vast majority of threats that affect the organization, with more serious threats escalated as they develop. This is a sizeable task, as Travis Perkins PLC has 2,000 branches and 28,000 employees spread out across the UK.
When a security incident happens somewhere in the organization, a phishing email for example, there is an automated response determined by risk scoring of the threat. This means the threat can be isolated and often eliminated without the need for manual intervention. This has reduced the time it takes for threats to be addressed from days to hours, as well as ensuring resources are allocated where they are most needed.
Check out the video to discover how this approach enables Travis Perkins PLC to focus on innovating in the way it delivers supplies to DIY enthusiasts like me, knowing that security is covered.
Finally, take a look at the case study, conf presentation or webinar from Nick Bleech, head of information security at Travis Perkins PLC, to find out more about how the business is using Splunk Enterprise Security and Splunk Cloud.