Enables the multinational company to drive digital transformation initiatives without the risk of a constantly expanding attack surface.
TEL-AVIV, Israel and BOSTON, Sept. 27, 2023 /PRNewswire/ — CardinalOps, the detection posture management company, today announced that global multi-energy company Repsol has deployed the CardinalOps platform to continuously assess its MITRE ATT&CK coverage and eliminate security gaps caused by missing or misconfigured detections.
With over 24,000 employees and global operations, Madrid-based Repsol is a global multi-energy provider that strives to lead the energy transition. Having committed to the ambitious goal of becoming a net zero emissions company by 2050, Repsol operates in all areas of the energy value chain, producing energy from hydrocarbons (oil and gas exploration and production) and renewable sources (wind, floating wind, photovoltaic solar, hydroelectric), and transforms it into products and services for mobility and homes.
“Our digital environment is vast and expanding, making it essential that our detection posture is resilient in the face of today’s threat landscape,” said Javier García Quintela, Global CISO of Repsol. “CardinalOps delivers the breadth of security coverage that we need to fix our detection gaps, resulting in a more secure environment and efficient security operations.”
In order to reach the goal of being a net-zero emissions company by 2050, Repsol is leveraging a wide array of digital transformation initiatives to make operations more efficient and less wasteful. However, this increased reliance on technology also brings additional risk due to a significant increase in the attack surface, both in the cloud and in physical facilities. Combined with the continuously-evolving threat landscape, global geopolitical tensions, and the scarcity of cybersecurity talent, this requires a strategic focus on maximizing the effectiveness of security operations.
According to recent CardinalOps data, enterprise Security Information and Event Management (SIEM) platforms only have detections for 24% of all 196 techniques in the MITRE ATT&CK v13 framework, an industry standard consisting of adversary tactics and techniques based on real-world observations. Many of today’s organizations are often unaware of this gap between the detection posture they assume they have and the actual posture they have in practice, creating a false sense of security.
CardinalOps leverages the MITRE ATT&CK framework for measuring an organization’s detection coverage across all these tactics, techniques, and procedures (TTPs), while helping organizations prioritize new detections to address gaps for the techniques that matter most to their business risk profile.
“Oftentimes, CISOs are challenged with addressing the security risk present during digital transformation initiatives – from migrating to the cloud to an expanding digital footprint,” said Michael Mumcuoglu, CEO and Co-Founder of CardinalOps. “This remains a daily burden for security leadership and their teams at large who are inundated with alerts from their security tool stack that aren’t relevant to their unique business risk. We’re excited to work with Repsol in addressing MITRE ATT&CK detection coverage gaps and helping them scale their detection and response capabilities as they reach their goal of being a net-zero emissions company.”
Repsol’s Global CISO Javier García Quintela will be demonstrating how the company is leveraging CardinalOps’ detection posture management platform to eliminate gaps during a live webinar, “A CISO’s Perspective on Improving SecOps Effectiveness,” on Thursday, September 28 at 11:00 a.m. EST. Register now at the link here.
About CardinalOps
Backed by security experts with nation-state expertise, the CardinalOps platform uses automation and MITRE ATT&CK to continuously ensure you have the right detections in place to prevent breaches, based on a threat-informed strategy. What’s more, it improves detection engineering productivity by 10x and drives cost savings by recommending new ways to tune noisy and inefficient queries, reduce logging volume, and eliminate underused tools in your stack. Native API-driven integrations include Splunk, Microsoft Sentinel, IBM QRadar, Google Chronicle SIEM, CrowdStrike Falcon LogScale, and Sumo Logic. Learn more at cardinalops.com.
For Media Inquiries:
Nathaniel Hawthorne for CardinalOps
Lumina Communications
(661) 965-0407
CardinalOps@luminapr.com