Salvation Army Achieves Game-Changing Cybersecurity Posture with LogRhythm

Salvation Army case study

For more than 140 years, the Salvation Army has been providing support and guidance
for those in need throughout Australia. The faith-based movement offers a range of
services including assistance for the homeless, aged, alcohol and drug rehabilitation,
youth and employment support, and disaster recovery.

Each year the organisation assists more than 1 million Australians. During an average
week, it provides 100,000 meals for the hungry, 2000 beds for the homeless, and
3,000 people with aged care services.

The Challenge

As the Salvation Army’s presence in Australia has grown during recent years, the organisation has become increasingly reliant on its core IT systems. Used for everything from resource planning and budgeting to record keeping and communication with clients, the infrastructure comprises a complex array of hardware that supports a number of critical software applications and holding of sensitive data.

“During the past two years in particular, we had come to the realisation that the way in which our infrastructure was being protected from cyber threats was not as strong as it needed to be,” “It was clear that we need to remove what was essentially a gap in our visibility to ensure we did not fall victim to a potentially damaging attack.”
Lachlan McGill_Salvation Army
Lachlan McGill
Executive Manager Cybersecurity, Information Technology Services, The Salvation Army

The Solution

In late 2020, plans were made to implement a more robust security platform to improve the level of protection for the organisation’s critical IT assets. A range of options were reviewed before a decision was taken to deploy a SIEM platform from LogRhythm.

“What we liked about LogRhythm over its competitors was its large array of pre-built integrations, and its superior automation and orchestration capabilities. We were also attracted by the ease of use of the analyst console and the platform’s very competitive pricing.”
Lachlan McGill_Salvation Army
Lachlan McGill
Executive Manager Cybersecurity, Information Technology Services, The Salvation Army

McGill said the Salvation Army IT team was also impressed with the knowledge and experience exhibited by managed services provider Seamless Intelligence who had proposed the LogRhythm solution.

“Seamless was able to demonstrate a deep understanding of the technology and how it would meet our specific requirements. They began the deployment for us in February 2021 and it was completed by April.”

Visibility and improved security posture

LogRhythm’s SIEM platform was up and running very quickly. After ingesting logs, the IT team at Salvation Army started receiving alerts and intelligence within a day. Once the new SIEM was fully operational, the Salvation Army IT team quickly noticed some significant benefits. It was now possible to gain insights into issues and incidents that would previously not have been possible without trawling through endless logs or paying third parties to conduct audits.

“Overall, we have been able to significantly reduce the level of risk that cybersecurity presents to our organisation.”

“There is no doubt our maturity level has greatly improved, and we look forward to further leveraging the capabilities of LogRhythm to provide further benefits.”

McGill points to threat detection efficiency and effectiveness as areas that have experienced significant improvement, due in no small part to the processes introduced by the partner and their ability to extract the most value from the LogRhythm SIEM platform.

“We have logs coming in from several different systems and services which means that the insights we’re now getting have greater coverage,” he said. “This allows us to see where an attack has originated from and where it has potentially made its way to in other parts of the network infrastructure.

For example, using the threat intelligence in LogRhythm, the IT team can see if a potentially malicious email has made it through the infrastructure’s filters, whether a staff member has clicked on a link and whether that caused their workstation to become infected with malware. LogRhythm SmartResponse
is then used to block the sender or malicious URL and do a forensic examination of the workstation.
Looking ahead, McGill said the next step was to take advantage of LogRhythm’s automation capabilities to reduce the workload on the IT team and further improve the levels of protection being achieved.

“We now have in place a security infrastructure that meets our needs now while also having the ability to scale with us in the future,” he said. “It’s been a gamechanger.”

About The Salvation Army

The Salvation Army Australia is an international Christian movement, united by faith and giving hope where it’s needed most. Across Australia – in cities, country towns and rural communities – our work touches every demographic and age group. We’re involved in national issues while also bringing
hope to people who may be experiencing hardship or injustice. Our services include assistance for the homeless, aged, alcohol and drug rehabilitation, youth and employment support, and disaster recovery.

Your donation makes a significant difference.

Donate Here
Comments are closed.