Share this article
Sun Metals, the Australian subsidiary of Korean-owned Korea Zinc, is a manufacturer of high purity zinc. Its products are sold locally and across the world, with various sister companies covering logistics and emerging interests in the green energy sector.
The Problem: Assess and Bolster Security Posture in Australia
In late 2019, Sun Metals commenced the process of looking for a partner to support them as it assessed, and improved its security posture in Australia.
Josh Rowe, who leads Sun Metals cybersecurity team, went to the market in search of an Australian cybersecurity partner that could ensure the company’s defences were strengthened against the risk of cyber attack and to uplift Sun Metals’ security to reduce the risk and impact of future cybersecurity challenges.
Sun Metals was using many standard tools Australian businesses use in their cybersecurity strategy: firewalls, endpoint and email security, and proxies for internet access. But the approach was largely reactive and lacked detection and response.
Sun Metals needed to get on the front foot in preventing and defending against malicious attacks.
The Solution: Future Proofing Critical Data and System Assets
Sun Metals chose Tesserent, previously known as Pure Security, because it was the fastest to respond with an offering that could deliver value instantly. Mr Rowe says that Tesserent’s response exhibited a deep technical understanding of the problems Sun Metals faced along, with a detailed plan of how to strengthen defences quickly.
“The total time from when we first contacted Tesserent to having a solution presented for management approval was fewer than five business days,” explains Mr Rowe.
Before the engagement with Tesserent, Mr Rowe reports, “We commenced with penetration testing to assess how vulnerable we were. Armed with the results of those tests, we were able to start building a remediation plan that guided us through those critical early days and then future proofing of our critical data and system assets. That initial exercise also taught us a great deal about the threat landscape we faced. It wasn’t just a checklist of things to fix.”
Mr Rowe reports there have been clear benefits that have come from the new, proactive
approach to security.
I have no hesitation in highly recommending Tesserent to anyone in the industry. The Tesserent team are highly professional with deep technical knowledge, cutting edge capabilities and expertise
The Future: Australian Approach Leads Strategic Agenda
Sun Metals and Tesserent’s relationship has now expanded to include a more strategic look at the threats faced by Sun Metals and planning for how it would respond to a potential incident.
A SIEM was implemented and supported by Tesserent’s Incident Detection and Response service. That move has been so successful that the parent company is looking at a similar solution.
“Tesserent provides us with an extra set of hands and eyes to ensure our systems are as safe as possible. That’s incredibly important for us. With a small team, this is a cost-effective way to ensure we stay on top of the risks we face,” says Mr Rowe. “And it’s made us more proactive as the threat landscape is constantly evolving. The reports we receive enable us to effectively communicate with non-technical members of the management team about cyber risks the business faces.”
Sun Metals is now focused on working with Tesserent on further assurance testing and will upgrade its desktop computing environment. “This will create changes in the company’s security posture that will need to be addressed. And we are moving towards the use of more smart technology, so we want to leverage the investment we’ve made in our security infrastructure to ensure we do that as securely as possible,” explains Mr Rowe.
From the initial goal of uplifting its security posture, Sun Metals’ partnership with Tesserent has allowed it to move from a reactive security mode into a proactive one. Sun Metals has been able to avoid costs and prepare the way for future upgrades while reducing risks and taking a forward-looking approach to information security.
Speak with a Tesserent
Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.