Lagardère’s

Challenges

Through its extensive portfolio of brands and global networks, the group today covers a large spectrum of activities with leading market positions.

When it comes to security for such diverse brands, corporate histories and subsidiary sizes make managing cyber risks extremely challenging. Depending on the resources and priorities of a subsidiary, there are several ways to handle cybersecurity. It is critical for Lagardère to guarantee an optimal and homogeneous level of security across the group’s various entities.

Guaranteeing this level of security requires a high level of expertise which can be costly and time-consuming, especially in highly technical matters such as Active Directory security. Small businesses with limited IT resources can find it difficult to allocate the required time to fulfill their cybersecurity strategy needs.

Solutions

Since its inception, Tenable Identity Exposure was designed as a seamless, non- intrusive, and easy-to-deploy product, able to perfectly fit both large and small entities. This adaptative design was key to ensuring a smooth product deployment in Lagardère’s environment. It took just three days to deploy the fully packaged and turnkey solution with minimal impact on Lagardère’s activity.

Tenable Identity Exposure’s remote-enclave solution was the perfect match for Lagardère’s needs. Completely autonomous, the solution requires no ongoing action from the security team to operate efficiently. On the contrary, the product acts as a control tower in charge of Active Directory security. The solution only raises alerts to the security team when a security vulnerability or breach is detected.

Lagardère wanted to offer each of its subsidiaries the ability to have its own security monitoring solution. This was achieved by deploying cloud platforms for each entity. Although ambitious, this approach was made possible through Tenable Identity Exposure’s cost model which is based exclusively on the monitored infrastructure’s size. Small companies finally can benefit from state-of-the-art Active Directory security for a reasonable price.

Result

Make advanced cybersecurity achievable for small entities

Lagardère’s group is comprised of numerous small perimeters which all have specific business concerns and IT characteristics. As Tenable Identity Exposure automatically learns the monitored Active Directory perimeters, the analysis is adjusted to fit vastly different business organizations, from the largest to the smallest corporate environments.

Using Tenable Identity Exposure, Lagardère was able to ensure state-of-the-art security monitoring for its subsidiaries. To keep subsidiaries in charge of their own environments, one Tenable Identity Exposure platform was deployed for each. This objective would not be possible without a cost model adapted to the limited resources that small companies have to invest in cybersecurity. Due to Tenable’s flexible business model, they can design a tailor-made solution.

Prevent excessive workload for cybersecurity teams

Lagardère’s major objective was to improve the security of its critical infrastructures without increasing the workload of its employees. In a small company, cybersecurity can be managed by a maximum of one or two people.

Many security solutions have operational disadvantages that place a heavy burden on security teams. Compliance solutions often require defining security rules and maintaining them over time, which is time- consuming for a small team. Tenable Identity Exposure offers a definitive solution to this problem by applying every detection rule to ensure that Lagardère remains protected against even the most advanced cyberattack. Thanks to its security as a service approach, Tenable Identity Exposure drastically reduces the impact on security teams and makes Active Directory security seamless.

Reduce false positives using Tenable Identity Exposure unrivaled correlation engine

Reducing the number of security events that need to be reviewed is Tenable’s major benefit for SOC teams. Both Lagardère and Tenable believe that event log analysis is not suitable for complex IT environments. Too much irrelevant information is provided which congests SOC analyst capabilities and causes significant archiving costs. Tenable Identity Exposure is the first security solution that can monitor the security of Active Directory infrastructures without using security logs for detecting attack paths. By analyzing the replication processes, Tenable Identity Exposure identifies breaches at their root and only generates alerts to the SIEM. Tenable Identity Exposure successfully reduced the number of security events sent to the SOC team, allowing Lagardère to be more productive by focusing only on relevant information.