Following a significant merger between two major telecommunications entities, the newly established telecom giant sought to streamline and modernise its security operations. The objective was to enhance asset visibility across critical business functions, minimise the proliferation of security tools, and consolidate systems.
Moreover, the organisation aimed to improve monitoring capabilities while addressing considerable technical debt incurred both before and after the merger. This transformation was intended to optimise operations and ensure ongoing regulatory compliance.
Recognising the scale and complexity of the project, the telecom company enlisted the expertise of RiverSafe, known for their proficiency in SOC and SIEM transformation projects.
The initiative began with a series of collaborative workshops designed to align on the company’s future security objectives. During this initial phase, RiverSafe identified 12 legacy SIEMs within the organisation.
A central task was to aggregate a major cloud-based security platform, merging three separate instances into a unified system. This consolidation involved integrating state-of-the-art single sign-on capabilities, new data sources, and the seamless transfer of existing data parsers, dashboards, and lookups.
RiverSafe enhanced data management and routing by deploying Cribl, an advanced data streaming platform. This solution enabled efficient data feed routing to multiple destinations and allowed for complex data transformations, granting the telecom firm enhanced flexibility and control over its data.
The RiverSafe team also identified opportunities for optimising the existing SIEM infrastructure. With a strategic consolidation plan, they transitioned operations onto two robust platforms: a cloud-based security operations platform for broad use and an on-premises SIEM solution tailored to meet specific regulatory compliance mandates.
The transformation delivered substantial improvements, with optimised SIEM platforms enhancing the telecom company’s operational efficiency and security visibility. The updated infrastructure advanced avenues for automation and data enrichment, significantly boosting security measures.
Implementing the data streaming solution also improved data routing efficiency, resulting in considerable cost savings in licensing fees. Beyond these immediate benefits, the transformation set a foundation for future advancements through increased automation potential, bolstering compliance with industry regulations and strengthening the company’s overall security posture and monitoring capabilities.
