Keith O ’ Gorman , Global Information Security Service Manager at Archroma , discusses how the organisation – a global provider of specialty chemicals operating in over 100 countries and headquartered in Switzerland – uses Edgescan to continuously scan its systems for vulnerabilities across its IT infrastructure . Having worked with Edgescan to build security into its processes from the ground up , Archroma values the trust it can put into Edgescan , which offers a service combining automation and human validations to minimise false positives .

We are a relatively young company and we brought Edgescan on board quite early on , so rather than transitioning from another vulnerability management solution , it was more a case of deploying the Edgescan SaaS across our IT infrastructure .

We operate in the Operational Technology ( OT ) space as well , but currently we have a different approach to securing that side of the business . When we adopted Edgescan , our focus was to ensure that security was designed into our processes , building it from the ground up and embedding it into our operations .

Did you consider other solutions before you settled on Edgescan ?

Yes , we went through our regular sourcing process , but the other vulnerability management solutions that came up against Edgescan were all fully automated . The human factor was what tipped in favour of Edgescan : we really saw the value in having a team of qualified pentesters verifying each and every vulnerability , providing us with intelligence and patching support should we need that .

How did you find the onboarding process ?

The onboarding was very swift . We started with an asset discovery and it didn ’ t take more than two weeks to have the solution up and running and set up across Archroma ’ s entire IT infrastructure .

How has Archroma benefitted from using Edgescan ?

Edgescan gives us the peace of mind that comes with knowing that our vulnerability management solution is virtually false-positive free . The accuracy

Keith O ’ Gorman , Global Information Security Service Manager at Archroma that comes with human validation , paired with the efficiency of automatic , continuous scanning , means that my team now knows that whenever a vulnerability is flagged , the vulnerability is there and they can continue working until they find it and fix it .

Have you seen a quantifiable Return on Investment ( RoI ) after you brought Edgescan on board ?

RoI is notoriously difficult to quantify in cybersecurity , but according to Edgescan ’ s own data , the validation of vulnerabilities saved 4,500 staff hours . www . intelligentciso . com

51