Travel mania - stock.adobe.com
Seaco charts course for unified security strategy
Shipping container leasing giant consolidates security tools onto a single platform, leveraging AI and extended detection and response to improve security operations
Shipping container leasing giant Seaco has overhauled its cyber security strategy by consolidating its security tools onto a single platform as it navigates the growing threat landscape marked by an expanded attack surface and increasing use of artificial intelligence (AI).
Seaco’s CIO Damian Leach spearheaded a review of the company’s cyber security strategy, culminating in the adoption of Trend Micro’s Vision One platform. The decision was driven by the challenges of managing multiple, disparate security tools.
Previously, Seaco adopted a “best-in-class” strategy, employing a plethora of tools for different security functions, such as endpoint, email, network and cloud security. While the strategy made sense at the time, it proved unwieldy amid evolving threats and the explosion of data generated by these tools.
“Trying to make sense of the noise versus protecting our crown jewel assets became very difficult,” Leach told Computer Weekly in a recent interview in Singapore. “For example, we were getting a lot of notifications that our servers in our disaster recovery site had vulnerabilities which we considered low-risk and might not want to patch.”
The move to Trend Vision One has helped to simplify and strengthen Seaco’s cyber security defences. The platform integrates extended detection and response (XDR) capabilities, cloud security, AI-driven threat intelligence and dark web monitoring, providing an overview of the company’s security posture.
“The ability to unify our telemetry is really important,” Leach said, “because then you can understand the blast radius of a potential attack and build automation into the DevSecOps pipeline to ringfence particular issues or scenarios, such as removing a compromised account or endpoint from a network.”
Seaco’s security consolidation efforts come at a time when the company is undergoing the ISO 27001 information security certification. With the platform, Seaco can now benchmark its security controls against industry best practices and regulatory standards, enabling Leach “to report back to the C-level team on operational cadence and how we’re doing in terms of our ISO roadmap”.
Beyond consolidation, Seaco’s cyber security strategy also entails adopting security automation and protecting workloads that run on different public cloud services including Amazon Web Services and Google Cloud. It also needs to ensure its application programming interfaces (APIs) are secure as it transitions from using traditional electronic data interchange (EDI) to APIs to communicate with a network of 500 ports and depots.
To that end, the Trend Vision One platform, integrated with Seaco’s Kong API gateway, allows the company to detect potential API attacks, especially via partners in its supply chain that may have varying levels of security maturity. “We have to protect ourselves from any intrusion potential,” Leach said.
But Seaco’s cyber security strategy is not just about reacting to threats; it’s about anticipating them. The platform's AI-driven threat intelligence allows the company to identify and address potential vulnerabilities, even those lurking in the dark web. “We’re now able to monitor the dark web for compromised accounts and put processes in place to reissue passwords or notify users,” Leach said.
With the platform’s behavioural analytics capabilities, Leach said Seaco is also able to know where its employees are logging in and detect whether a threat is real or not.
“Previously, it was almost a reactive approach to incidents and less about knowing the typical behaviour of an employee,” he said. “Now, we can see telemetry about unusual behaviour being surfaced through the platform, which wasn’t possible before.”
Despite the technological safeguards, human error remains a concern. “I worry about our employees,” Leach said, stressing the importance of continuous employee training and security awareness programmes. Seaco conducts regular phishing simulations and provides ongoing cyber security education to mitigate the risk of human-driven breaches.
Leach is also concerned about the global skills shortage in cyber security, which makes it hard to attract and retain talent, particularly in the shipping industry.
“We have very industry-specific intellectual property, so if I lose somebody critical in my team, it becomes very difficult to replace them with good talent,” Leach said. “And so, we’re focused on providing not only decent salaries, but also training, certification and soft skills to add to people’s lives and careers.”
Read more about cyber security in APAC
- Security chiefs at the recent Gartner Security and Risk Management Summit in Sydney share insights on navigating board communication, organisational resilience and the importance of understanding business needs.
- Singapore non-profit organisation HomeTeamNS suffered a ransomware attack that affected some servers containing employee and member data, prompting an investigation and enhanced security measures.
- Gil Shwed, Check Point’s co-founder, discusses the company’s focus on AI-driven security and his commitment to remaining an independent force in the cyber security market.
- Doug Fisher, Lenovo’s chief security officer, outlines the company’s approach to security and AI governance, and the importance of having a strong security culture to combat cyber threats amplified by the use of AI.
