PCI dashboard

by Mark Rowe

Go-Ahead, the rail operator, is using a security dashboard based on a football league table as a way of maintaining its network security and PCI DSS compliance between audits.

RandomStorm developed the information security league table for Go-Ahead Group plc. David Lynch, Group IT and Procurement Director at Go-Ahead, manages 50 IT specialists who are responsible for maintaining the security of the Wide Area Network, departmental servers, email servers and rail IT infrastructure, including Go-Ahead’s retail network and physical assets located in more than 450 stations.

As a Level 1 merchant of travel tickets, Go-Ahead has to comply with the Payment Card Industry Data Security Standard (PCI DSS) and undergo regularly scheduled audits with a PCI Qualified Security Assessor (QSA).

Go-Ahead is using the RandomStorm Vulnerability Management Platform, StormCore, to map and scan the enterprise network for intrusions, correlate incidents, and monitor for any configuration issues on devices or ports that could render the network vulnerable to malware or hacks. Incidents and reports are presented in a central dashboard for management and technical staff to interpret.

Lynch wanted to ensure that the security detection and protection products were being used to their full potential. Aware of Lynch’s love of football, RandomStorm designed a Security League Table to demonstrate the comparative performance of parts of Go-Ahead’s IT network.

The Security League Table enables Go-Ahead to review where vulnerabilities have been identified, which assets are affected and what remedial action is required. Where a highlighted vulnerability, such as a misconfigured device or a required patch, has not yet been addressed, it is marked down, pushing that IT domain lower in the table. Go-Ahead’s IT managers meet David Lynch each month to report the status of IT assets. The table is updated with details of the active security issues, and work schedules are generated to address vulnerabilities.

Lynch says: “This is unique to Go-Ahead, it was designed specifically for us by RandomStorm as a way of measuring ongoing security in between scheduled audits. The Security League Table identifies where vulnerabilities highlighted by the scans have not yet been remediated and provides IT managers with a schedule of work during the month.”

Lynch reports that the table encourages a dialogue between IT staff and business managers and demonstrates where IT is adding value to the business.

“I am not a great fan of putting a tick in the security compliance box, unless I am certain that I am actually complying. By showing that we are doing all that we can to defend our network, we can also protect the corporate reputation of Go-Ahead. If I could have a RandomStorm League Table for every area of my business that would be great, because it shows you exactly what’s going on,” adds Lynch.

© 2024 Professional Security Magazine. All rights reserved.