SMS Group, a global metals manufacturer with German roots, is renowned worldwide for its futureoriented technologies and outstanding service. The company is paving the way for a carbon-neutral and sustainable metals industry. The company uses its 150 years of experience and unique expertise in metallurgy, industrial processes, and digitalization to create new perspectives for the industry through continuous innovation.
Cybersecurity in manufacturing has become increasingly important with the convergence of OT and IT, as well as the inherent risks of connecting systems and a distributed workforce to the internet. This means companies like SMS Group, a global metals manufacturer, need a robust security strategy.
“SMS Group has projects all over the world and employees are on many construction sites, which means workers have access to many different networks,” Karsten L., Chief Information Security Officer at SMS Group, says.
Additionally, SMS Group acquires companies from time to time, which need to get integrated into SMS Group’s IT environment and follow corporate security standards. “Sometimes this is an easy task, sometimes not,” Karsten L. continues. “In the manufacturing industry, you’ll often find vulnerable legacy operating systems as part of the core technology."
"We have to run our IT security very efficiently, given the skills shortage which is affecting IT departments everywhere."
Karsten L., CISO at SMS Groupx
SMS Group’s core IT team comprises five people, with an additional four people responsible for security in different regions, for a total of nine. It is essential that the company maintain the highest standards of security with a lean IT team.
Though the company has looked into other security solutions, SMS Group chose the Trellix XDR SecOps Platform. “We are a core Trellix customer, meaning we have almost everything when it comes to endpoint and cloud security from Trellix,” confirms Dennis W., IT Security Manager at SMS Group.
SMS Group uses Trellix Application Control, Trellix EDR, and Trellix Endpoint Protection Platform to comprehensively secure its endpoints. “Trellix Endpoint Protection Platform stops threats before they occur and Trellix EDR helps us to get more visibility and answer questions after the fact,” explains Dennis W. “Trellix Application Control protects legacy systems.”
Trellix ePolicy Orchestrator (ePO) is a centralized management platform that helps SMS Group orchestrate and manage all its endpoints from a single console as well as integrate newly acquired companies.
“With a small team, we must rely on integrations, which is simpler when everything comes from one vendor,” says Karsten L. “Trellix ePO helps us a lot when we onboard companies that we have acquired because it is independent from Active Directory and since it is an onsite product, all we need is a connection to the systems that needs to get the Trellix solution deployed. “
SMS Group also counts on Trellix Insights, Trellix SIEM, and Trellix Threat Intelligence Exchange for SecOps and Analytics. Network Security is shored up by Trellix Intelligent Sandbox and Trellix Intrusion Prevention System.
The flexible Trellix Platform connects multiple Trellix technologies and other tools to support a seamless SecOps experience to set the stage for XDR-based cybersecurity strategy that brings more operational efficiencies.
"Thanks to Trellix Insights, we can confidently answer questions from upper management, such as ‘Are we protected against this?’ It helps us focus on what to do next and informs our cybersecurity strategy."
Karsten L., CISO at SMS Group
Automated security orchestration improves analyst and SOC efficiency and decreases mean time to respond. “Trellix ePO makes deployment of new technologies easier and with everything managed from one central console, we save time that we can spend on other projects.”
When considering new technologies Dennis W. shares, “Our next project is incorporating Trellix DLP Endpoint and Trellix Device Control to prevent data loss and increase user awareness on data protection.” DLP is integrated in and managed by ePO, so the technical deployment of that new solution is straightforward.
“We see Data Protection as an essential part of our overall security strategy so Trellix DLP and Trellix Device Control are essential components here,” Dennis W. continues.
Always forward-looking, anb embraced change and launched an ambitious digital transformation strategy.
Architecting security continuity across IT/OT infrastructure with Trellix solutions.
Law firms are often privy to highly sensitive information about their clients. Security is paramount.