Townsville City Council Protects Its Community With Cybersecurity
Key Challenges
Saddled with system limitations, Townsville City Council wanted to increase its resilience against threats with an automated, more efficient approach to cybersecurity.
Key Results
Townsville City Council gained 24/7 holistic security visibility and accelerated threat hunting with RIOT Solutions based on the Splunk platform, slashing SIEM operating costs and streamlining compliance.
Visibility is vital in the face of increasing cyber threats.
Serving 200,000 citizens, Townsville City Council (TCC) is the largest regional council in Queensland, Australia. TCC is committed to fostering sustainable growth through driving economic diversity and generating an enriching lifestyle.
While cybersecurity is of top importance to TCC, security issues were being handled manually, which did not offer full threat visibility and impacted residents’ trust. TCC engaged a new managed cybersecurity service from RIOT Solutions — powered by the Splunk platform — to adopt a more holistic approach to cybersecurity and tackle ever-changing needs and threats.
Outcomes
- ~85% faster threat hunting
- 65% savings in SIEM operating costs
- Improved customer experience
Threat hunting within minutes
Based on the Splunk platform, RIOT Solutions offers 24/7 managed services through a locally operated security operations center (SOC). TCC can now identify root causes of security events through automated data correlation, turning data into holistic security visibility across its digital environment. While other third-party vendors only support 30 days of logging, Splunk lets TCC search months of data and correlate it with new events — helping uncover potential security breaches in the supply chain.
With Splunk applied across all security operations, RIOT Solutions empowers TCC to accurately identify suspicious activities, infrastructure misconfigurations and exploitable vulnerabilities while prioritizing security alerts according to risk level. Critical threats now never go unnoticed and are always escalated — quickly. Previously, it could take up to 50 minutes to explore a security issue. With Splunk, the team is now able to address concerns about 85% faster.
Improved logging also streamlines compliance and fulfills audit requirements, particularly when the team is understaffed due to sickness or holidays. Now, Splunk breaks through the complexity with full security visibility that allows TCC to make informed decisions that improve its security posture — boosting user experience.
Serious cost and time savings
Thanks to RIOT Solutions’ professional consulting service and the Splunk-based SOC, TCC has slashed SIEM operating costs by 65%, freeing up vital funds for other priorities and cybersecurity initiatives.
Since the Splunk platform is highly scalable, TCC can integrate new solutions into its IT environment by using Splunk’s extensive library of existing integrations. New product onboarding into the SIEM environment is also faster. Because of Splunk’s leadership in the industry, other vendors already have relevant support solutions in place, which reduces the need for bespoke solutions and saves ongoing SaaS costs and implementation time.
Every day, Splunk solutions help TCC filter security alerts for more efficient troubleshooting. RIOT Solutions’ security analysts are committed to constantly reviewing incidents for the Council, leaving employees with more time to concentrate on governance, risk management and compliance tasks. And RIOT Solutions’ service is not limited to the SOC. By leveraging the power of Splunk, it has fully addressed all requirements and made significant inroads to TCC’s cybersecurity maturity journey.
The collaboration between RIOT Solutions and Splunk creates a perfect combination of human ingenuity and machine intelligence, which allows TCC to even go further than expected. With the wealth of enterprise ICT knowledge possessed by the security architects and engineers from RIOT Solutions — which is one of the few organizations in Australia offering resources with ICS/SCADA security and industry-specific training — TCC is able to glean maximum benefits from the Splunk platform and readily map business requirements to optimal technical outcomes.
A new standard for customer experience
TCC’s system now runs smoothly with maximum uptime and service availability. The organization addresses potential security issues within minutes with an immediate follow-up call to the impacted customer. As a result, customer experience and trust — core principles for TCC — have soared. And since TCC can better monitor areas that it previously could not cover — analyzing local data instead of relying on U.S.-based information — the organization can focus more on high-value and high-risk areas, better safeguarding the health and well-being of the community and environment.
With RIOT Solutions and Splunk now filling any gaps in technology, TCC can focus more on fueling continued growth of its cybersecurity team and optimizing critical business processes. The result? Better user experience and a more resilient community — today and tomorrow.
Related Content
E-book
The State of Security 2022
Security leaders’ priorities for cloud integrity, the talent gap and the most urgent attack vectors.
E-book
Forging the Future
How industry leaders use data to be more secure, resilient and innovative.
E-book
Six Cloud Strategy Pitfalls in Public Sector and How to Avoid Them
The cloud’s greatest benefits can quickly become drawbacks without a strong cloud strategy
