In 2020, City Beach was operating with a range of email exchange servers for communications between departments. One Friday evening, several issues notified the internal IT team of a compromise to one of the on-premises servers. After reviewing the system, it became apparent that several accounts were compromised, and as a result, the server was unresponsive and offline.
According to City Beach CIO, Rhian Greenway, the situation reinforced the unpredictability of modern-day cyber security threats.
“It can be very challenging to know if your network environment is as good as it can be, especially when it comes to cyber security. From an organisational standpoint, everything looks safe and secure until one thing brings it all down. It often takes a scenario like the exchange server to paint a clear and understandable picture for the business.” – Rhian Greenway, City Beach CIO
Having an existing relationship with McGrath Nichol, City Beach notified them of the breach on a Friday night. After assessing the scenario in the early hours of Saturday morning, it became apparent the exchange server was the entry point of the incident and was immediately shut down.
The experience highlighted certain holes in City Beach’s network security posture.
“We needed to adopt a more agile and responsive approach to our security strategy and wanted more comprehensive processes and tools to better enable early detection of such instances in the future.” – Rhian Greenway, City Beach CIO
City Beach went to market to find a strategic partner that could help bolster their security posture. From a pool of three potential providers, City Beach engaged RIOT to implement a series of network security solutions and services, including:
- SIEM services
- Security Operations Centre (SOC) services for vital support through 24/7 eyes on glass
- Vulnerability Management Services (VMS)
- Cyber resilience assessments via internal and external Penetration Testing.
“We decided to go with RIOT for several reasons. Their approach to security aligned well with our own, their involvement with vendor management would be fantastic, the accessibility to their people was first-class, and most importantly, they had the skills, certifications and experience to fill the gaps in our own environment and team.” – Rhian Greenway, City Beach
These solutions would deliver City Beach a more comprehensive view of all their systems, including regular reporting and strategic advice relating to network security and the business’s network architecture. Moreover, RIOT’s expertise and local presence in Brisbane would provide City Beach with the necessary expertise to create capacity internally.
“On top of the vulnerability assessments and real-time reporting and alerts, RIOT’s expertise was a big sticking point for us moving forward. They would be able to act as an extension of our internal team, providing a level of expertise that is really hard to find in the current market.” – Rhian Greenway, City Beach CIO
Since engaging with RIOT, City Beach has realised several key improvements across their network architecture and security posture.
“Obviously, the experience RIOT provides is invaluable, but not only that, we now have a defined roadmap to becoming more compliant, and we are prepared as best as possible for the unknown. We’re by no means immune to attack, as the exchange server incident highlighted, but having gone through that scenario, RIOT is helping us put the people, processes, and technology in place to be better prepared moving forward.” – Rhian Greenway, City Beach CIO
City Beach now possesses a much closer adherence to industry standards and are well aligned with the Essential Eight – a series of mitigation strategies for cyber security incidents outlined by the Australian Cyber Security Centre (ACSC).
Furthermore, RIOT’s partnerships and vendor relationships have aided City Beach in bolstering its own vendor relationships. As a result, the business’s overall security baseline is firmer and more robust than before the exchange server incident.
City Beach acknowledged the most significant learning from the past 12 months was the realisation that regardless of your backend, people, processes, and attitude towards cyber security, no one is ever 100% safe. When we spoke with Rhian Greenway regarding the company’s learnings and if he had any advice for other businesses in a similar situation, he had this to say:
“Cyber security is now another risk element that businesses must address. For organisations out there looking to bolster their security posture – it’s all about persistence. You might make mistakes before something sticks, or you might not have the necessary resources to do what you want, but there are providers such as RIOT that can help you fill those gaps, because as our situation emphasises, it only takes one incident to highlight the importance of such strategies.” – Rhian Greenway, City Beach CIO
Looking ahead, Rhian says RIOT will be invaluable in helping City Beach continue to fine-tune and grow their cyber security roadmap and strategy.
“It’s such a valuable relationship for us because they really know their stuff and keep us on the pulse of everything that is important to us as a business.” – Rhian Greenway, City Beach CIO