Significant uplift in security achieved with 24/7 visibility
Townsville City Council (TCC) engaged RIOT Solutions to provide a new managed cybersecurity service – powered by Splunk. TCC was seeking to increase its resilience against threats with an automated approach to cybersecurity.
Serving 200,000 citizens, TCC is the largest regional council in Queensland, Australia, and is committed to fostering sustainable growth and economic development locally.
Despite cybersecurity being a top priority, system limitations meant security issues were still being handled manually. Unable to access complete threat visibility, TCC needed a more efficient approach to cybersecurity and the capacity to handle ever-changing needs and threats.
TCC partnered with RIOT Solutions to adopt its Splunk-based security operations centre (SOC). The 24/7 managed services offered by RIOT through a locally operated SOC identify root causes of security events through automated data correlation, turning data into holistic security visibility.
Nick Long, General Manager for RIOT Solutions explained:
“We understand the challenges our customers face and the need to build world-class smart and connected networks for them. Attracting and retaining experienced cyber security resources is difficult, especially in regional areas. Leveraging the power of Splunk, RIOT addressed TCC’s requirements and made significant inroads to their cyber maturity journey.”
RIOT is also one of the few organisations in Australia that offers resources with ICS/SCADA security and industry specific training.
TCC consolidated its security posture, significantly uplifted security with 24/7 visibility, and accelerated threat hunting. TCC’s system now runs smoothly with maximum uptime and service availability.
Suspicious activities, infrastructure misconfigurations, and exploitable vulnerabilities can be more accurately identified, with security alerts prioritised according to risk level. Operating costs have been slashed by 65%, freeing up vital funds for other priorities. Critical threats no longer go unnoticed and are escalated quickly.
Dale Murchie, Security Architect at TCC, said,
“It previously took 40 minutes to explore a security issue. If you multiply that by the number of events regularly handled (40-50), we understandably got lost in the noise and missed critical issues. Through RIOT, Threat hunting is now performed within minutes – around 85% faster than previously.”
The RIOT SOC helps TCC filter security alerts for more efficient troubleshooting and increased focus on governance and risk management. Improved logging helps streamline compliance tasks and fulfil audit requirements.
“It could be weeks before a security event report was ready previously,” Murchie recalled.
“We didn’t have a dedicated team, so we relied on others to manage cybersecurity. However, they weren’t necessarily in the same technology domain.”
TCC has broken through the complexity with complete security visibility across the entire digital environment, with support for informed decisions that improve security posture and boost user experience.
Since TCC can better monitor areas it previously couldn’t cover – analysing local data instead of relying on US-based information – it can focus on high-value and high-risk areas, better safeguarding the health and well-being of the community and environment. Potential security issues can be addressed within minutes with an immediate follow-up call to the impacted customer. As a result, customer experience and trust – core values for TCC – have soared.
Murchie concluded, “With RIOT Solution’s security analysts constantly reviewing incidents, we can concentrate more on governance, risk management and compliance tasks. Thanks to RIOT Solutions and the Splunk-based SOC, the general public has a higher level of confidence in TCC’s ability to detect and respond to cyber incidents, and our capability to protect our business and public data.”