One of the things we regularly hear from customers is that the constant technology changes in an environment will always be one of the toughest challenges. That’s why there’s really no substitute to hearing firsthand how organizations address the difficulties brought on by shadow IT scenarios, new cloud deployments and everything else in today’s expanding attack surface. Especially when the story is told by an organization whose environment is literally moving — across the Baltic Sea.
Geography lessons aside, I recently had the opportunity to sit down with Kalev Noor, Head of IT Operations and Infrastructure at Tallink and Oliver Tavakoli, CTO at Vectra to discuss the use of network detection and response (NDR) asa critical part of Tallink’s cybersecurity ecosystem. Kalev joined us from one of Tallink’s cruise ships, which was extra fitting for the occasion!
As a business and leisure travel operator, Tallink certainly has a unique environment, so it was encouraging to hear how Kalev has been able to solve some lingering cybersecurity challenges by upgrading to a new NDR solution.
Understanding the true value of NDR
Having been an NDR user since 2018, Kalev saw the value it could offer his organization — capturing data and applying AI to detect and respond to attacks throughout his environment. But he’s learned that not all NDR solutions are created equal and ended up replacing his initial solution with Vectra due to cost, ease of use, and automation. Vectra also integrated with existing tools in Tallink’s security stack, a capability the previous solution lacked. Make sure you hear how Kalev is now able to have 24/7 eyes on his environment and what he recommends when it comes to selecting an NDR solution.
Accounting for shadow IT
Shadow IT presents all types of dangerous scenarios for security teams. Perhaps the most critical challenge is that organizations can end up with deployed systems and devices that aren’t known or secure, and yet they are connecting to the environment. This is especially challenging for Tallink, as they have ships in constant motion where various pieces of technology could get deployed by crews simply as a solution to a customer request. “Now when something appears and is doing something strange, we know about it,” says Kalev.
One of the things that always jumps out when we talk to security practitioners like Kalev is just how diverse one organization’s environment can be and how each presents a different set of requirements.Obviously not all networks are built on top of moving vessels, but at the end of the day, a viable solution that can help a security team stop in-progress attacks under these circumstances — will work out nicely in your environment as well.
As Kalev puts it, “good people need good tools to provide excellent results.”
Make sure you catch the full story and learn how Tallink is keeping security threats at bay.