How SenseOn Gave Yeo Valley ‘game-changing’ network insight

The industry threat landscape

As a result of the Fourth Industrial Revolution, digital operations within the manufacturing industry are becoming increasingly complex. Unfortunately, adequate cyber protections are not being implemented at the same rate as innovation. As a result, many manufacturing businesses are seeing an increase in cyber-related incidents. Breaches in cyber security have the potential to affect any part of the supply chain. Modern attacks aim to disrupt operations and thus threaten the safety, profitability and reputation of manufacturing organisations. Ransomware, for example, has the potential to halt entire manufacturing supply chains whilst other attack methods can be used to gain access to company systems and steal customer data, exposing customers to identity fraud.

Business background

Yeo Valley was established as a brand in 1994, although the Mead family, who own the business, can trace their farming roots back to the fifteenth century. Yeo Valley operates as a farming and dairy processing company and is currently the UK’s largest organic brand.

‘We have gone from not having a security team, to having a security team as a result of SenseOn.’—Matt Blee, Cyber Security Manager

Specific challenges

Yeo Valley has a large farming and dairy manufacturing infrastructure that includes a combination of distribution, manufacturing and office sites. The business has a very lean security team that, whilst functional, lacks the capacity to fully manage all aspects of security 24/7. Yeo Valley faced a number of industry specific challenges before they decided to invest in SenseOn. For example, as a result of their complex estate, with a mix of IT, OT and IoT devices, the team had limited network visibility. This resulted in tough to manage areas and the potential for oversight, leaving them more vulnerable to cyber attacks. Relatively common processes and procedures such as investigating suspicious activity or warnings from NCSC would take a huge amount of time.

Choosing and deploying the right technology

Before SenseOn, the security team at Yeo Valley had no visibility of network traffic, nor an ability to proactively detect suspicious activity. As such, they relied on performing investigations manually and on an ad-hoc basis.

As a result of their lean setup, with time and resource constraints, the security team required a tool with an intuitive interface that could be easily operated without the need for extensive training. Given the nature of the threat and the impact of a loss of access to IT and OT devices, the team needed a tool that would deliver value quickly, providing estate visibility and detection capability, without months of tuning.

Additionally, as food and beverage manufacturing is a low margin industry, the platform chosen had to represent great value for money.

‘We just put SenseOn in and let it flow. There was minimal time for implementation. Nothing we’ve ever put in has shown value so quickly.’—Matt Blee, Cyber Security Manager

Build or buy?

The security team at Yeo Valley had considered using a SIEM based approach, collating logs, writing use cases and investigating the resulting alerts.This approach would have required three to four full time specialist security hires in a particularly difficult market. The expected delivery time for SIEM implementation is over six months and these projects are often delivered over budget. It was also expected that the ongoing maintenance of a SIEM would have taken up time and resources which the Yeo Valley were not in a position to commit to. As a result, the team decided that SenseOn would be able to give them more value than this approach, whilst costing less.

‘SenseOn gave us a jump in awareness across our network. We were able to harden our posture and take hard data to the business to drive change.’—Matt Blee, Cyber Security Manager

Results

SenseOn has given Yeo Valley a substantial increase in visibility across their network and have enabled a ‘big jump of awareness’ for this team. This new level of network insight has been described as ‘game changing’. 

SenseOn has proved to be particularly useful in a reactive sense. The team is now empowered to investigate and locate suspicious activity across the network, where before these vulnerabilities would not have been flagged. For example, in one instance the team noticed, through the SenseOn platform, that a device on their guest network was connected to a blacklisted IP address.

Within half an hour, it was discovered where this had happened, how it had happened and who the device belonged to. The time that was saved in triage was better spent on re-securing the device and re-training the user on device health. Additionally, having SenseOn has enabled this security team to build business cases to expand the scope of their operations.

As Matt Blee, Yeo Valley’s Cyber Security Manager, put it ‘we have gone from not having a security team, to having a security team’ as a result of SenseOn.

Loved by teams an companies you know

Whether you are a large organisation with mature cyber teams or a smaller business with no SOC teams whatsoever, SenseOn can provide you with a tailored, cost-effective solution to keep you protected from threats.

Racing Post

〰️

Mitsubishi Chemical

〰️

Convatec

〰️

Megger

〰️

Yeo Valley Organic

〰️

First Sentier Investors

〰️

Harbottle & Lewis

〰️

Racing Post 〰️ Mitsubishi Chemical 〰️ Convatec 〰️ Megger 〰️ Yeo Valley Organic 〰️ First Sentier Investors 〰️ Harbottle & Lewis 〰️

Find out what SenseOn can do for you.