Ozinga, a construction materials and concrete manufacturing company with around 3,000 employees, faces significant cybersecurity challenges due to its extensive use of operational technology (OT) and programmable logic controllers (PLCs). The company’s security engineers previously struggled with a lack of network visibility, describing their old security information and event management (SIEM) tools as producing overwhelming amounts of unhelpful data that made finding real threats like searching for a needle in a haystack. Protecting these large-scale industrial environments is a critical priority for their small security team.
To overcome these hurdles, Ozinga integrated Lumu into its cybersecurity stack, transforming its defense strategy. Lumu functions as a proactive SIEM, providing a single pane of glass for 24/7 network visibility and automating threat responses through integrations with tools like SentinelOne and network firewalls. This automated system recently proved its value by instantly detecting and blocking a live phishing attack when it recognized a malicious command and control server domain. By handling late-night alerts and pushing automatic remediations, Lumu gives Ozinga’s team peace of mind and significantly strengthens their overall security posture.
TAKEAWAYS
- Ozinga operates a large-scale industrial network with around 3,000 employees and numerous PLCs, making IoT and OT security a critical risk factor.
- Before using Lumu, the security team lacked clear network visibility and struggled to identify threats among massive volumes of noisy data.
- Lumu provides a centralized ‘single pane of glass’ to ingest network information and accurately identify malicious activities and threats.
- Lumu successfully detected and stopped a live phishing attack by identifying the attacker’s command and control server domain as malicious.
- By integrating with SentinelOne and firewalls, Lumu acts as an automated, action-oriented SIEM that monitors and blocks threats 24/7 without manual intervention.
