The industry threat landscape
As a result of the Fourth Industrial Revolution, digital operations within the manufacturing industry are becoming increasingly complex. Unfortunately, adequate cyber protections are not being implemented at the same rate as innovation. As a result, many manufacturing businesses are seeing an increase in cyber-related incidents. Breaches in cyber security have the potential to affect any part of the supply chain. Modern attacks aim to disrupt operations and thus threaten the safety, profitability and reputation of manufacturing organisations. Ransomware, for example, has the potential to halt entire manufacturing supply chains whilst other attack methods can be used to gain access to company systems and steal customer data, exposing customers to identity fraud.
Yeo Valley was established as a brand in 1994, although the Mead family, who own the business, can trace their farming roots back to the fifteenth century. Yeo Valley operates as a farming and dairy processing company and is currently the UK’s largest organic brand.
“We have gone from not having a security team, to having a security team’ as a result of SenseOn.”Matt Blee, Cyber Security Manager
Yeo Valley has a large farming and dairy manufacturing infrastructure that includes a combination of distribution, manufacturing and office sites. The business has a very lean security team that, whilst functional, lacks the capacity to fully manage all aspects of security 24/7. Yeo Valley faced a number of industry specific challenges before they decided to invest in SenseOn. For example, as a result of their complex estate, with a mix of IT, OT and IoT devices, the team had limited network visibility. This resulted in tough to manage areas and the potential for oversight, leaving them more vulnerable to cyber attacks. Relatively common processes and procedures such as investigating suspicious activity or warnings from NCSC would take a huge amount of time.
Choosing and deploying the right technology
Before SenseOn, the security team at Yeo Valley had no visibility of network traffic, nor an ability to proactively detect suspicious activity. As such, they relied on performing investigations manually and on an ad-hoc basis.
As a result of their lean setup, with time and resource constraints, the security team required a tool with an intuitive interface that could be easily operated without the need for extensive training. Given the nature of the threat and the impact of a loss of access to IT and OT devices, the team needed a tool that would deliver value quickly, providing estate visibility and detection capability, without months of tuning.
Additionally, as food and beverage manufacturing is a low margin industry, the platform chosen had to represent great value for money.
“We just put SenseOn in and let it flow. There was minimal time for implementation. Nothing we’ve ever put in has shown value so quickly.”Matt Blee, Cyber Security Manager
Build or buy?
The security team at Yeo Valley had considered using a SIEM based approach, collating logs, writing use cases and investigating the resulting alerts.This approach would have required three to four full time specialist security hires in a particularly difficult market. The expected delivery time for SIEM implementation is over six months and these projects are often delivered over budget. It was also expected that the ongoing maintenance of a SIEM would have taken up time and resources which the Yeo Valley were not in a position to commit to. As a result, the team decided that SenseOn would be able to give them more value than this approach, whilst costing less.
“SenseOn gave us a jump in awareness across our network. We were able to harden our posture and take hard data to the business to drive change.”Matt Blee, Cyber Security Manager
SenseOn has given Yeo Valley a substantial increase in visibility across their network and have enabled a ‘big jump of awareness’ for this team. This new level of network insight has been described as ‘game changing’.
SenseOn has proved to be particularly useful in a reactive sense. The team is now empowered to investigate and locate suspicious activity across the network, where before these vulnerabilities would not have been flagged. For example, in one instance the team noticed, through the SenseOn platform, that a device on their guest network was connected to a blacklisted IP address.
Within half an hour, it was discovered where this had happened, how it had happened and who the device belonged to. The time that was saved in triage was better spent on re-securing the device and re-training the user on device health. Additionally, having SenseOn has enabled this security team to build business cases to expand the scope of their operations.
As Matt Blee, Yeo Valley’s Cyber Security Manager, put it ‘we have gone from not having a security team, to having a security team’ as a result of SenseOn.
“We just put SenseOn in and let it flow. There was minimal time for implementation. Nothing we’ve ever put in has shown value so quickly. We have gone from not having a security team, to having a security team as a result of SenseOn.”
Cyber Security Manager, Yeo Valley
“SenseOn was the toolset we'd been missing. As a small business, we need to have the same level of protection against threats as the big players, but we don't have the budget to employ dedicated security specialists and this is where SenseOn comes in."
IT Solutions Architect, Harbottle and Lewis
“SenseOn is our most valuable security tool due to its ease of use and ability to detect across the estate. The speed of customer service is a huge benefit – I can use the intercom and within minutes, I have a response and someone helping me build a query or general support where I have a knowledge gap.”
Senior VP of Information Security, KidsLoop
“We were keen to utilise new and innovative technology to defend our organisation. We spent a lot of time looking at more conventional solutions, but only SenseOn offered the functionality we wanted at a sensible price point.”
IT Director, bpha
"SenseOn is what you look for in a partner. They have been amazing to work with and dedicated to the success of Advantage and protecting our business."
VP Information Security
Loved by teams and companies you know.
We do security differently.
SenseOn was founded on the belief that the cybersecurity industry is broken. Designed by security professionals who have felt the pain of traditional tools, SenseOn’s vision is to remove the burden of mundane, repetitive work so security and IT professionals can enjoy more fulfilling careers by enabling an autonomous, intelligent and secure digital world.Read more
Explore our collection of eBooks, webinars, articles, and more to help you maximize your understanding of emerging threats, adversary techniques and how to detect cyber attacks.Visit resource hub