Euronet Worldwide: Speedy, Global Response to Threats Reduces Risk
After years of using manual processes and systems to manage its IT inventory and track vulnerabilities, racking up costs, and increasing the complexity of asset and vulnerability management, Euronet Worldwide needed a way to get a single, accurate and timely view of risk exposure at the group level.
The payment processor, which delivers financial transaction processing for global businesses and consumers, including ATM outsourcing services and issuing cards, has seen its business expand to 60 offices in 170 countries, supported by 25 IT management and infrastructure teams.
“We have high risk and a lot of complexity,” said Euronet Worldwide CISO Sarah Griffith, one of the many security executives who took the stage at QSC 2021 in Las Vegas to explain how partnering with Qualys helped them solve cybersecurity issues and more.
“Our global IT teams are responsible for delivering business services to our entities and helping them to maintain robust information security and data governance controls,” said Griffith. “When new threats such as zero-days emerge, our goal at the group level is to understand our exposure, rapidly address any risks, and keep management, shareholders and customers informed every step of the way.”
But those efforts were hampered by a complex and time-consuming process that had the security team contacting IT managers across the business to identify and patch vulnerable systems. Getting an accurate view of global exposure could stretch out days, even weeks, since the company operates in multiple time zones. And that left threat actors with a considerable window to exploit flaws.
Gaining a single, accurate—and timely—view of risk exposure was the best way to help the company’s global IT teams maintain robust information security and data governance controls. “Our global IT teams are responsible for delivering business services to our entities and helping them to maintain robust information security and data governance controls and rapidly address risks as new threats like zero-days emerge.
That’s why Euronet Worldwide turned to Qualys VMDR® with integrated apps for asset identification and management, vulnerability management, threat detection and prioritization, and response.
Griffith was concerned that “we don’t even know where all of our assets are,” especially after multiple acquisitions and plenty of organic growth. “It’s almost like a band-aid approach if you’re implementing solutions and security tools, but you don’t even know if you have everything covered,” she said. “So that was one of the use cases of why we looked at Qualys.”
The company deployed what Griffith has called “extremely lightweight” Qualys Cloud Agents on more than 23,000 IT endpoints, enabling the fine-grained visibility the security team sought.
Now teams can instantly see vulnerabilities across assets as well as their severity level, so they can prioritize their remediation activities effectively and shrink the attack surface.
Euronet Worldwide has embedded Qualys VMDR into its global cyber security processes, replacing manual tools and spreadsheet-based approaches to vulnerability management with automated workflows. The company has also integrated Qualys VMDR with issue-tracking solutions such as Jira to standardize tracking remediation work.
To illustrate how Qualys has bolstered Euronet Worldwide’s security posture and shaved off considerable time in dealing with vulnerabilities, Griffith pointed to the SolarWinds breach late in 2020. The campaign’s long tentacles stretched across many companies and government agencies using Orion software. Euronet was indeed running Orion, so when news broke about SolarWinds, Griffith and her team sprang into action and quickly identified which entities within the company were using compromised versions of the software, then quickly remediated.
Under Euronet’s previous, manual-based systems, Griffith would have had to tap all the company’s security officers, emailed all teams, and asked them to check if they were running a compromised version, then check back in.
“It could be days, it could be weeks,” Griffith said, “Instead, with Qualys engaged, the time it took to detect and manage the vulnerability, then follow up to make sure it had been remediated was greatly reduced.
“In one of the best use cases, it was literally within five seconds,” she said, and that was assurance she could take to company executives and customers.
“I knew if our executives came asking me about it, I could tell them exactly what version [of Orion] we had running and, that luckily, it had very limited impact because of that. We can quantify that and explain that to them,” Griffith said. “We could quickly put out our bulletins to our general counsel and our executives and our internal stakeholders saying this was the impact. This is how we answered our customers, too.”
Griffith said Euronet Worldwide is considering implementing Qualys Patch Management to automate its patching process. That could save global IT significant time and resources that could be put toward strategic security initiatives.
“We see great opportunities to build on what we’ve achieved, and we look forward to working with Qualys to accelerate our remediation processes further still,” said Griffith.
Indeed, for Euronet Worldwide, the future is looking a lot more secure.
To find out how Qualys has helped organizations, check out QSC 2021 Las Vegas sessions on the Qualys site.
This post was first first published on Qualys Security Blog’ website by Teri Robinson. You can view it by clicking here