Customer Case Study: Threat Detection Recon Teams Help Milbank Identify Need for PKI Spotlight
Milbank planted its roots on Wall Street in 1866. The firm’s clients include market leaders and global innovators. Milbank is ranked one of the top global law firms. It is 31st on the American Lawyer’s 2022 AM Law 200 ranking. In the 2022 Global 200 survey Milbank ranked as the 40th highest grossing law firm in the world.
Business Challenge
Daniel Park, Manager of Cloud and Identity Services at Milbank, is responsible for managing and securing the company’s Azure and Office 365 services, as well as maintaining a hybrid configuration between on-premises and cloud environments. Identity and access management are also key components of his role, and security has become a top priority for the team.
Milbank constantly looks to improve its cybersecurity posture by investing in best-in-class products and processes. This includes running penetration tests multiple times a year to identify potential exploits and timely mitigating associated risks.
Milbank’s main success is in using PKI Spotlight to receive best practice recommendations and notifications about misconfigurations in the PKI environment. Park acknowledges that it helps him track changes made to the environment by various team members, who may not always be aware of best practices or the potential impact of their changes.
With PKI Spotlight, Milbank is able to identify and fix issues before they are exploited by hackers or penetration testers. In addition, it has helped Park educate his team on best practices and ensure that they are following them when making changes to the PKI infrastructure.
“Our Penetration testers noted that it is the first time that they have done a pen test on an organization, and not found any vulnerabilities in their PKI. PKI Spotlight has been instrumental in making that possible.”
– Daniel Park, Manager of Cloud and Identity Services Authentication Services, Milbank
Key Deliverables
- Provided consulting services to ensure the organization’s Public Key Infrastructure (PKI) is secure and available.
- Deployed PKI Spotlight for ongoing monitoring and alerting of the organization’s PKI environment.
Outcome
- Real-time visibility into PKI misconfigurations and deviations from best practices to prevent escalation of privileges, man in the middle, and malicious code signing exploits.
- Improved staff productivity and in-depth PKI expertise while reducing the risk from lack of PKI specialization and employee attrition.
Risks
Properly securing and managing PKI is crucial for companies as it is a foundational component of their overall security posture. In addition to the risks of security breaches and data loss, failure to properly secure PKI can result in non-compliance with various laws and regulations, such as the Securities and Exchange Commission (SEC) and Federal Bureau of Investigation (FBI) policies.
Solution Overview
PKI (Public Key Infrastructure) is a critical aspect of Milbank’s security infrastructure, and the team has recently deployed PKI Spotlight from PKI Solutions to help manage and secure their PKI infrastructure. It can be challenging to manage all responsibilities, including PKI, which was inherited by Park when another team member retired. Ensuring the security of their systems is a primary responsibility for all team members working in infrastructure.
“We quickly deployed PKI Spotlight agents and immediately saw Best Practice recommendation reports. PKI Spotlight communicates over single port TLS and supports currently deployed cryptographic algorithms and Quantum resistant standards, which makes it work seamlessly with Milbank’s security controls on the server, network, and subnet.”
– Daniel Park, Manager of Cloud and Identity Services Authentication Services, Milbank
PKI (Public Key Infrastructure) was previously a neglected aspect of Milbank’s infrastructure and needed to be configured to best practices standards when handed over to Daniel Park’s team. With PKI Spotlight in place, Park and his team no longer had to manually check the configuration of each certificate template tab by tab and screen by screen. It also meant they did not have to deal with the hassle of making multiple publicly available scripts work with Milbank’s security controls.
Results
Milbank is a law firm that understands the importance of cybersecurity and PKI monitoring. By using PKI Spotlight, Milbank is able to do its due diligence in protecting sensitive and confidential information, such as client data, financial records, and legal documents.
With PKI Spotlight in place, Millbank can now track essential metrics like:
- The total time a PKI vulnerability or an exploitable misconfiguration exists in their environment.
Before PKI Spotlight, the average detection cadence was once a quarter, and determining the best remediation approach was time-consuming. With PKI Spotlight, Park and his team are immediately alerted to exploitable PKI misconfigurations and vulnerabilities.
PKI Spotlight also acts as an authoritative source of tried and tested remediation playbooks which eliminates time wasted to hunt for appropriate actions.
- Productivity gains and institutionalized PKI expertise
One of the benefits of PKI Spotlight is like having an additional FTE headcount with specialized PKI expertise available 24/7. Milbank can mitigate the lack of PKI expertise created security risk by eliminating the Single Point of Failure regarding PKI expertise. Now junior admins can quickly come up to speed on the nuances of managing a PKI.
“PKI Spotlight is like having an additional FTE headcount with specialized PKI expertise available 24/7.”
– Daniel Park, Milbank
Why This Matters to Your Bottom Line…
Milbank’s commitment to cybersecurity and PKI monitoring demonstrates its dedication to the security and privacy of its clients’ information. By taking these proactive steps, the firm is able to protect against cyber threats such as hacking, phishing attacks, and ransomware, and maintain the trust and reputation of the firm.
By prioritizing cybersecurity and PKI monitoring, Milbank is taking the necessary steps to protect itself and its clients from these potential repercussions.
-
Get to Know PKI Spotlight!
Schedule a demo with our PKI experts to learn how PKI Spotlight addresses the most common challenges faced by our customers.
By the end of your call, you’ll have a clear understanding of how PKI Spotlight will improve your operational resilience, security posture, threat detection, and best-practice capabilities.
Topics we will cover:
- How the real-time aggregation engine works to process information from PKI roles such as CAs, CRL distribution points, Hardware Security Modules, and more.
- How to set up monitoring and alerting rules so that you, your teams, and stakeholders can get notified on changes, failures, and even pre-failure states.
- How to use config explorer to get insights into PKI configurations such as CA permissions, revocations, and crypto modules.
- How you can use time-based filtering to keep track of trends and establish behavioral baselines.