Fortifying Cybersecurity in Manufacturing: Insights from KEC International’s Journey with CyberArk

Pradipta Patro, Head of Cyber Security & IT Platform, KEC International Limited, and Rohan Vaidya, Regional Director, India & SAARC, CyberArk, discuss KEC International’s cybersecurity transformation in an exclusive conversation with Express Computer. They talk about the difficulties administrators encounter while they are being onboarded, how CyberArk’s suite affects the deployment of multi-factor authentication (MFA), and how important it is to secure various infrastructure initiatives. Learn how CyberArk’s solutions have strengthened privileged access, expedited onboarding, and established KEC International as a pioneer in cybersecurity for the manufacturing industry.

KEC International faced challenges when onboarding administrators from multiple departments. Can you elaborate on these challenges and how CyberArk’s suite and implementation capabilities helped overcome them? Could you share your experience with implementing multi-factor authentication (MFA) and expanding access to normal users? How has it impacted security and the user experience at KEC International?

KEC International, a leading RPG Group company in the engineering, procurement, and construction fields within the manufacturing domain, encountered significant challenges when onboarding administrators from various departments. With a diverse range of projects spanning key sectors like power transmission and distribution, railways, civil and urban infrastructure, solar, smart infrastructure, oil and gas pipelines, and cables in over 100 countries, securing access management was of utmost importance to prevent potential threats. KEC International aimed to enhance IT security, particularly for privileged accounts and devices, and demonstrate maturity in meeting manufacturing-specific security standards.
They faced challenges due to legacy infrastructure when adopting Privileged Access Management (PAM). Given these issues, they selected CyberArk for its ability to defend against cyberattacks, drive efficiency, support digital transformation, and meet compliance needs. CyberArk’s differentiated features included a comprehensive PAM product, industry experience, strong brand value, and excellent onboarding support. The evaluation process, spanning several weeks, involved sessions with various teams, highlighting CyberArk’s capability to address their concerns effectively.

After evaluating CyberArk’s robust suite of solutions tailored to their sector, KEC International embarked on the implementation journey. They started with securing servers of all types, gradually expanding to onboarding networking devices, security appliances, and even complex databases such as MySQL and RADIUS. They have recently introduced CyberArk MFA for authentication and have plans to extend access to their 5,000 regular users. KEC International’s partnership with CyberArk has fortified its cybersecurity measures and ensured the protection of its critical infrastructure projects.

What were the key benefits or outcomes that KEC International achieved through the adoption of CyberArk solutions for access management?

KEC International’s initial goals were to enhance the security of their IT environment, particularly for sensitive privileged accounts and devices, and to demonstrate maturity in meeting security standards specific to the manufacturing domain. They selected CyberArk for its ability to defend against cyberattacks, drive operational efficiencies, enable its digital business transformation, and satisfy audit and compliance requirements. The top benefits they realised included a lowered risk and vulnerability profile, meeting desired compliance and audit requirements, streamlined onboarding processes, and enhanced security for privileged accounts. CyberArk’s solutions, including a holistic Privileged Access Management (PAM) product and its experience in serving manufacturing enterprises, stood out. CyberArk effectively addressed KEC International’s concerns and challenges while providing a robust solution tailored to its unique manufacturing environment.

How important is it for organisations in the engineering, procurement, and construction sectors to have robust access management and cybersecurity measures in place?

For organisations in the engineering, procurement, and construction (EPC) sector, the significance of having robust access management and cybersecurity measures cannot be overstated. This sector, which often handles complex infrastructure projects in various domains, is vulnerable to a range of cyber threats and security challenges. Effective access management is essential for safeguarding sensitive data and ensuring that only authorised personnel can access critical systems and information. Moreover, the implementation of comprehensive cybersecurity measures is crucial to defend against cyberattacks, secure privileged accounts, achieve compliance with industry regulations, and maintain the integrity of their operations. In a digital age where cyber threats are ever-evolving, EPC organisations must prioritise these security measures to protect their projects, maintain client trust, and ensure the continued success of their operations. They’ve been making progress, starting with setting up servers and devices, then moving to complex databases, and now adding extra security for logins using Multi-Factor Authentication (MFA). This forward-thinking approach shows they are ready to face future security challenges.

In a distributed environment like production and manufacturing, how has the implementation of CyberArk solutions enhanced security and mitigated potential risks?

In the world of companies like KEC International in the EPC sector, it’s very important to have strong ways to control who can access their systems and robust protection against online threats. KEC International is well-known for its big infrastructure projects in various areas like power, railways, civil projects, and more. Their work is complex and spread out in different locations. So, they need strict methods to make sure only the right people can access their systems and to defend against online dangers. They realised the need for good cybersecurity and decided to use CyberArk’s solutions to keep their data safe, prevent attacks, make their operations smoother, and meet rules and standards.

Can you provide specific examples of instances where CyberArk solutions have played a critical role in maintaining security and preventing potential cyber threats at KEC International?

Facing significant cybersecurity challenges in securing a wide array of infrastructure projects across sectors such as power transmission and distribution, railways, civil and urban infrastructure, solar and smart infrastructure, oil and gas pipelines, and cables, KEC International found a crucial ally in CyberArk’s Privileged Access Management (PAM) solution. By fortifying its IT environment and protecting sensitive privileged accounts and devices, CyberArk played a pivotal role in preventing unauthorised access within its distributed manufacturing setup. Furthermore, the implementation of CyberArk’s PAM solution streamlined onboarding processes for servers, networking devices, and databases, simplifying the complexities associated with bringing administrators from multiple departments on board. This optimisation not only improved operational efficiency but also reduced the time needed for securing new devices. Moreover, CyberArk enabled KEC to enhance its security posture by securing privileged accounts, thus preventing potential breaches and ensuring data integrity. The need to defend against cyberattacks, achieve compliance, and extend access management was also addressed, bolstering KEC’s overall security infrastructure. CyberArk’s solutions were pivotal in safeguarding KEC International’s diverse infrastructure projects, enhancing cybersecurity, ensuring compliance, and fortifying security across their complex and multifaceted sectors. In simple words, for companies like KEC International in the EPC sector, strong access control and cybersecurity are the foundation for safe and efficient operations, protecting their reputation, and keeping their projects successful worldwide.

What future plans does KEC International have for its cybersecurity strategy and the use of CyberArk’s technology?

KEC International has ambitious plans to further strengthen its cybersecurity strategy and expand the use of CyberArk’s technology. Having successfully implemented CyberArk’s Privileged Access Management (PAM) solution to secure their IT environment, protect sensitive privileged accounts, and streamline onboarding processes, they are now poised to enhance their cybersecurity posture. The recent adoption of CyberArk’s Multi-Factor Authentication (MFA) for authentication marks the beginning of their journey to provide secure access for all 5,000 normal users. This expansion signifies their commitment to ensuring comprehensive security and access management across their organization. By leveraging CyberArk’s Identity and Access portfolio, KEC International aims to continue its pursuit of securing sensitive infrastructure projects across various sectors and demonstrate its maturity in achieving the desired security standards for the manufacturing domain. As champion customers who have been successfully using CyberArk’s solutions for over six months, their future indicates a proactive approach to addressing evolving cybersecurity challenges and maintaining a robust security framework to safeguard their diverse infrastructure projects.

Watch the full insightful interview:


Comments (0)
Add Comment