OVERVIEW
Mandiant helps convert unknowns to manageable knowns
To drive continuous improvements in its cyber security readiness, The Auto Club Group uses Mandiant Advantage Security Validation to test its security controls against real attack TTPs and malware. The use of Security Validation is also an effective way to evaluate cybersecurity tools. The company also uses Mandiant Advantage Threat Intelligence to enhance situational awareness and direct a security validation strategy.
Metrics
67%
Reduction in mean time to resolution (MTTR)
Data
Drives priorities and actions, to empower optimization of their overall security program
CISO
Better equipped to rationalize and confidently report on security program effectiveness
CHALLENGE
Protecting infrastructure when customers’ safety is at stake
ACG’s member services include roadside assistance and towing. If a member gets stranded or has an accident while travelling, the club’s servers and applications must be operational so that its agents can send help.
The Auto Club Group’s databases house sensitive data about its members, which it has been entrusted to protect. The club also offers insurance products, such as auto and trip disruption insurance, which must comply with financial industry regulations governing cyber security practices and data protection practices.
“We’re the ones people turn to for help getting out of tough situations. If something happens to us, 13.4 million members could be impacted.”
—Gopal Padinjaruveetil, CISO, The Auto Club Group
SOLUTION
Sophisticated intelligence to enhance readiness
To further advance its security capabilities, The Auto Club Group uses Mandiant Advantage Threat Intelligence which gives the company access to in-depth data and insights on threats actors and the tools they use, all maintained in real-time and accessible through the Mandiant Advantage SaaS platform.
Mandiant’s integrated, intelligence-led workflows enable ACG security teams to perform research and analysis on threats using Mandiant Threat Intelligence and then quickly move to Security Validation based on their prioritization of what threats to test against. “Mandiant solutions are fundamental to our holistic approach to cyber security,” said Padinjaruveetil. “Along with the right people and processes, Mandiant helps us continually improve our response times.”
To prepare for unknown threats, The Auto Club Group’s strategy is to actively search for them. It uses the Security Validation module of the Mandiant Advantage platform to emulate attack behaviors against their cyber defenses. “We run live malware in a protected environment that Mandiant calls Protected Theater to safely test destructive attacks and capture data on both our response and defenses,” Padinjaruveetil explains.
The Group also uses Mandiant Security Validation to evaluate technology prior to purchase or deployment. The company tested three different endpoint detection and response (EDR) applications, comparing their ability to detect attacks and generate actionable alerts. The evaluation enabled ACG to ensure it selected the most effective EDR software to protect its environment.
“With Mandiant Security Validation, we test our cyber security defenses in real time. It reveals to us whether or not we can detect and block intrusions.”
—Gopal Padinjaruveetil, CISO, AAA – The Auto Club Group
RESULTS
Continuously delivering measurable improvement
Since embracing the practice of testing cyber controls against relevant cyberattacks, The Auto Club Group has become more confident in its defensive controls across technology, teams and processes.
The discipline of validating security effectiveness gives the team visibility into the organization’s security environment and delivers quantifiable data required to identify gaps, misconfigurations, redundancies and areas of improvement. “You can’t improve what you don’t measure,” says Padinjaruveetil. By running threat intelligence informed Actions and clocking time-to-remediate, Auto Club Group pinpoints opportunities to drive change and improve response processes and reduce the time needed to recover from an attack.
As a result of improving its processes, hiring top talent and implementing solutions like those provided by the Mandiant Advantage platform, ACG has reduced its mean time to resolution (MTTR) by 67%.
“CISOs should not be afraid to seek the unknown,” Padinjaruveetil concludes. “Mandiant Security Validation helps us find our vulnerabilities before the bad guys do.”
“Mandiant solutions shine light on the things we did not know but should. We learn what we need to fix.”
—Gopal Padinjaruveetil, CISO, Auto Club Group
More about the company
On the road: protecting drivers, promoting traffic safety
AAA – The Auto Club Group (ACG) is the second largest AAA club in North America with more than 13 million members across 14 U.S. states, the province of Quebec and two U.S. territories. ACG and its affiliates provide members with roadside assistance, insurance products, banking and financial services, travel offerings and more. ACG belongs to the national AAA federation with more than 62 million members in the United States and Canada. AAA’s mission is to protect and advance freedom of mobility and improve traffic safety.