Melbourne Racing Club introduces 24/7 soc and incident response support to bolster cyber security

Download Customer Story Contact Us

Objective

With cybercrime increasing in frequency and complexity, Melbourne Racing Club sought a security partner to help improve visibility for vital round the clock support, to support its IT team.

Melbourne Racing Club reached out to trusted partners including Data#3 to request proposed solutions. A proof of concept showed that the solution and joint expertise Data#3 and SecurityHQ offered was a great fit to meet their requirements.

IT Outcome

Business Outcome

For us, the highlight was improving our business security posture. Partnering with Data#3 and SecurityHQ for the managed SOC solution meant we were able to achieve a more robust, stable scenario and respond to incidents quickly.

VJ BorgohainGeneral Manager – Technology, Melbourne Racing Club

The Background

Melbourne Racing Club (MRC) offers a world-class visitor experience to its sporting, entertainment and hotel venues. Formed in 1875, the organisation’s history plays a central role in Australia’s cultural heritage.

The organisation has a busy ICT team that primarily operates during business hours, supporting the business as well as partners using the network at its venues. A modern cyber security solution was needed to aid the ICT team in protecting against evolving risks.

The Challenge

With many high-profile organisations getting hit by cyberattacks, MRC was acutely aware that every organisation must tackle this growing risk. To do so it would take the right mix of people, process and technology, and would require 24/7 resources. MRC General Manager – Technology, VJ Borgohain, said that monitoring and addressing cyber incidents involved considerable manual effort and was performed in-house.

“We had almost all of our detection and response service in-house, using different platforms and software that monitored our environment. It was up to the infrastructure team to look at that and take actions. The issue was that we all wear multiple hats; we are not dedicated security consultants, we knew we needed a partner with the expertise to monitor what comes in almost in real-time,” said Borgohain.

“We work at specific times, not 24/7. Outside of business hours, we lacked the coverage needed to respond quickly.”

The tasks involved in evaluating risk were increasingly time-consuming, and staff had to balance working through a volume of alerts with other priorities. Their skills were in demand to provide ICT expertise for the many events and activities that MRC hosts, ranging from sports events to conferences and charitable endeavours with the MRC Foundation.

“We knew we really needed some help, and reached out to several partners including Data#3, who took us through their managed SOC offering in partnership with SecurityHQ. We really liked what Data#3 and SecurityHQ offers in terms of 24/7 access to 300+ security consultants at SOC operations centres all over the world. This combined with the expertise of the Data#3 team meant we knew our environment would be monitored 24/7 and that we could respond to incidents quickly,” explained Borgohain.

While the solution met MRC’s requirements, including onshore data storage, on paper, Borgohain was keen to take a closer look at how it would work in the real world. Data#3 and SecurityHQ organised a proof of concept (POC) so they could try the managed SOC solution and consulting proposal for themselves. The speed of the Data#3 and SecurityHQ partnership was quickly put to the test.

IT Outcome

The Data#3 team onboarded MRC to the managed SOC solution in a carefully managed transition.intelligent security analytics was deployed, and the team got to work. The most noticeable changes since implementing the new Data#3 and SecurityHQ managed SOC solution have, to Borgohain, been the increased visibility and reduced false positives and noise that make it easier to pinpoint threats from the vast number of logs created daily.

“I can see from our latest monthly report that we had around 1.1 billion logs, with 2.87 million alerts, and 264 of these were from related activities, with the managed SOC narrowing it down to 49 items for further investigation.”

The MRC team can view incidents on a single dashboard, making it easy to get an overall picture of the current situation and drill down into individual events. They can see in real-time any actions taken by the SOC analysts, and share any measures taken in-house. The managed SOC is used as an extension of the MRC team, giving them greater reach and allowing them to direct their efforts where they can add most value.

“Earlier, we were dependent on someone in the team looking at those logs and any alerts. They would have to process, analyse, and see what the event involved. Now the Data#3 and SecurityHQ team looks at it first and we only need to look further if it is relevant to our environment. We don’t have to look at logs anymore, we are more efficient and better protected,” stated Borgohain.

“We used to use several tools that we would navigate through to get a picture. Now, we get a ticket created in our dashboard and that’s all we need to look at. We can invest that time doing other things in the business that enable progress.”

One of the challenges at MRC had been the rapid nature of response needed as the threat landscape changed and attacks increased in sophistication. Where once, the logs would have been checked in the morning, competing for attention with many other tasks, the MRC environment is now monitored around the clock by skilled security analysts, so that responses can happen more immediately.

“For us, the highlight was improving our business security posture. Partnering with Data#3 and SecurityHQ for the managed SOC solution meant we were able to achieve a more robust, stable scenario where we could respond to incidents quickly.” “We may still get a call at 1 am, but we know that it is a verified incident when that happens. There is a definite improvement in our security posture, and we know this will be an ongoing journey for us. Every month, every day, we want to keep on improving. We try to put in as many controls as we can, and we rely on our partners where we don’t have the resources available.”

Business Outcome

When it comes to cyber security, Borgohain emphasised the importance of the entire organisation, from senior management to every worker, playing their part. The POC was an important element in gaining support.

“Data#3 and SecurityHQ did a really great job in the response phase and the analytics phase, we were really impressed with their work on the security event that occurred. It made it easier to take to management and show why we needed to get on board with the managed SOC.

“We do our part in making the business aware of cyber incidents including what they should and should not do. We then report to management about our security posture.”

The insights available from the SOC solution are proving invaluable to Borgohain’s team and have opened new insights into the task at hand. The platform includes powerful analytics that offer information about the types, frequency, and origins of attacks. Looking ahead, Borgohain expects to see the “usual increase” in cyber activity around major events in the spring racing calendar, but he is already enjoying a clearer picture.

“We can see that the last few months have ramped up. It has already been good to have the monthly report to gain visibility of trends; SecurityHQ now does the numbers and logs so I can look at and compare current activity to previous months and see how we are travelling. There are definitely peaks and troughs, and we can plan accordingly.”

Having access to a worldwide team of cyber security specialists for a predictable monthly fee has proven advantageous to the in-house team and working together has led to upskilling opportunities.

“We are constantly looking at what more we can do from a security perspective, because it is important to always improve. We lean on Data#3 and SecurityHQ to provide that expert advice and help us align the technology stack in our environment going forward. Whether we’re doing a refresh or other projects, it gives us more visibility and helps us enhance our security posture,” reported Borgohain.

We get that accountability from Data#3 and SecurityHQ that saves us from constantly worrying if we are doing enough, as we used to feel when we were doing this in-house.

VJ BorgohainGeneral Manager – Technology, Melbourne Racing Club

Conclusion

In a fast-evolving security landscape, Borgohain was clear that technical solutions alone are only part of the story. He said it is vital to have the right people and processes in place to continually adjust and improve security posture.

“We get that accountability from Data#3 and SecurityHQ that saves us from constantly worrying if we are doing enough, as we used to feel when we were doing this in-house. Some weeks, my team is especially busy with different big events, provisioning technology for our customers, and now we have peace of mind knowing that our security monitoring is being taken care of.”

Download Customer Story Deliver the digital future, securely with Data#3

Are you ready to think about Security differently?

Contact a Data#3 Security Specialist

Information provided within this form will be handled in accordance with our privacy statement.

Adelaide Festival Centre’s 50% Reduction in Azure Costs Allows More Community Investment

Objective

Adelaide Festival Centre had little visibility of its environment, and sought a managed service provider it could confidently expect to monitor its IT ecosystem effectively.

Approach

With cloud costs steadily rising and a lack of adequate monitoring, Adelaide Festival Centre made the decision to seek a new managed services partner at the end of its existing contract.

Business Outcomes

  • 50% reduction in Microsoft Azure costs
  • Increased stability and availability of IT services
  • Greater visibility and understanding of IT issues that affected the business
  • Knowledge share that gives Adelaide Festival Centre IT team increased learning opportunities

“Data#3 was very clear about what would be delivered, they clearly have good systems and processes in place, they were professional and polished – we weren’t going to be the first customer they had done this work for.”

Christine Dunthorne, Manager for Finance and Business Support, Adelaide Festival Centre

The Background

Since it was established in 1973, Adelaide Festival Centre has gained a reputation as one of the nation’s premier entertainment venues. Its more than one million visitors each year enjoy a diverse range of festivals, theatre, music, dance and exhibitions. The centre also operates a number of community programs that offer youngsters from disadvantaged schools their first taste of the theatre.

Adelaide Festival Centre’s small IT department supports a range of activities, from administration and back office to ticketing and providing technology services to exhibitions and shows. A strategic decision was made to use a managed service provider (MSP) to assist with day-to-day activities. However, with cloud costs rising, it was time to find a partner with the right experience to manage their shifting technology needs.

The team carefully reviewed its requirements and issued a tender that included requests for superior monitoring capabilities as well as the ability to reduce cloud costs by 20%. Respondents were scored against the issued criteria, and Data#3 was assessed to be the best partner to help meet the centre’s needs.

The Challenge

Adelaide Festival Centre has worked hard to build its reputation as a world-class arts centre, always ready to seek new and exciting ways to entertain the local community and the many visitors it attracts to South Australia. Staying ahead depends increasingly on strong technology provision, and the centre’s IT team plays a key role in bringing the arts centre’s vision to life. Every facet of the business, said Adelaide Festival Centre Manager for Finance and Business Support, Christine Dunthorne, is affected by the IT decisions that are made.

“We are potentially a 24/7 business, we sell tickets online, and operate a number of food and beverage outlets that must be connected to process payments.”

The centre had made the decision to work with a managed service provider for the underlying IT environment, so that its in-house team could concentrate on managing projects aimed at progressing the business. Initially, this worked well, but as IT needs grew, some challenges arose.

“With so many events on, it’s a lot of pressure for our small IT team to keep up with the demand. All of our promoters have strict specifications for their shows which can include upgrading equipment, so it’s imperative that our IT team can be available as required,” explained Dunthorne.

“The less our service provider could do for us, the more the team internally had to do to keep business moving.”

Dunthorne was quick to add that, in part, the difficulties stemmed from the centre’s initial approach when seeking out the previous service provider. The incumbent was not subjected to the ‘rigorous procurement process’ that was later employed when it selected Data#3 and, at a distance, it was hard to build a partner relationship.

“One of the main issues was that they weren’t local – everything we had to do was from a distance, which caused challenges. We had no face to face relationship,” said Dunthorne.

“They had a high turnover out of Sydney, so even if we were dealing with a tech person who was really good, and started to understand the environment, two or three months later they were gone, and you were starting over. There were constant changes in personnel.”

The difficulties escalated after Adelaide Festival Centre transitioned much of its environment to the cloud, in a move that was aimed at increasing flexibility and making costs predictable. Costs rose faster than anticipated.

“Another reason to change providers was that our costs were creeping up: over 18 months, increasing by 20% a month in Microsoft Azure costs. Moving to the cloud was meant to be cheaper for us, but I couldn’t see any of that,” outlined Dunthorne.

The centre identified a lack of visibility and poorly monitored environment as a particular problem, something made more difficult by the distance from the incumbent service provider. The small IT team, already busy, found itself taking on extra tasks, which created a heavy workload.

“We were monitoring whether they were monitoring our systems. Sometimes we picked up issues that they hadn’t picked up, and we were having to tell them there was an issue. It was impacting our business,” said Dunthorne.

“We don’t want to spend 30 per cent of our time managing a contract, it is just not feasible. It needs to be ticking along on its own – we had to release the burden on the team.”

Through 2024, nearly all legacy applications migrated to public cloud infrastructure as a service (IaaS) will require optimization to become more cost-effective.

Business Outcome

Taking on board the lessons of the previous managed services contract, Dunthorne interviewed people from IT and other key business areas over the course of six months in order to get a distinct view of what was needed. Then, it was time to define the ideal fit.

“We leveraged a specialist to help put us put the tender together, and in the process, we got better at knowing what we were after. We had to be clear about what would fit, and we had to start thinking more strategically about IT,” said Dunthorne.

“Data#3 was very clear about what would be delivered, they clearly have good systems and processes in place, they were professional and polished – we weren’t going to be the first customer they had done this work for .”

Cloud expenditure had been a key consideration for Adelaide Festival Centre. As a not-for-profit organisation with 30 per cent government funding, every cent must be carefully spent to provide the best return for the community. In the tender that was issued, respondents were challenged to demonstrate a minimum of 20 per cent savings on Microsoft Azure costs.

“Data#3 told us they could provide greater savings, potentially up to 70 per cent, depending on how many of their recommendations were taken on board,” described Dunthorne, who accepted most recommendations.

“We weren’t well set up in the cloud, and when they did a health check, they managed to achieve a 50 per cent cost reduction.”

Any savings that are made operationally by the IT team enable the centre to increase funding in other projects, such as its community outreach projects. In particular, Dunthorne is passionate about their activities that introduce youngsters to the theatre.

“The more we spend on infrastructure, the less we have to provide programs for the public. We have an education program for teachers, we fund disadvantaged schoolchildren to attend the theatre for their first time, sometimes providing transport from remote areas.”

In addition to local community programs, Adelaide Festival Centre works to attract the best international shows, such as Disney’s Aladdin and Billy Elliott the Musical. These high-profile productions often have special ticketing and performance requirements, and the availability of the IT team is essential to provide the necessary support. In turn, the team needs its IT environment to be managed and monitored efficiently with minimal intervention.

“We now have very defined service levels, which makes it easy to manage the agreement. Previously it wasn’t well documented. Part of our problem had been contract management, part was the distance from the service provider,” said Dunthorne.

“As soon as we changed to Data#3, my staff were more willing to try new things. I rely heavily on my staff to advise me if there’s a problem with a supplier, and they are no longer in my office every three minutes.”

Dunthorne credits much of this new-found confidence to having a locally based managed services team that is supported by a national and international team of experts. Adelaide Festival Centre has developed a strong relationship with Data#3’s South Australian-based engineers and account manager and sees the venture as a ‘partnership’ that creates an extended team. Visits from a Data#3 senior executive helped cement the affiliation.

As part of their requirements, Dunthorne included in the issued tender that the new managed service partner should aid strategic planning and include some training opportunities for her small IT team.

“I wanted to feel like it doubled the size of my team and saw it as an opportunity for extra training. We are invited to lunch and learns at Data#3’s workplace, we had this built into our agreement,” described Dunthorne.

“The actual work to achieve the Microsoft Azure savings was done by my team, they felt more confident doing it because they had a good managed service provider in the background to support them.”

The handover process was extremely smooth, with a special team brought in to ensure that work was completed before the next contract renewal was due with the incumbent. Dunthorne is now confident that their IT environment is well monitored, so that potential issues are flagged well before they become problematic, leading to greater stability.

“We can see what’s happening – our system now gives us good visibility of what jobs are outstanding. We can see when the Data#3 team makes notes on the system, we can look where they’re at, it works well,” said Dunthorne.

Conclusion

Adelaide Festival Centre’s IT team learned from the limitations of their remote managed service contract that face-to-face contact and a better cultural fit would benefit them. Dunthorne’s advice is to be clear about what is needed from a service provider, and to seek strategic advice as well as day-to-day support.

“We had it written into our contract that our service provider needs to be providing advice on what direction we should take; it is not just about keeping stable, it is also about looking for opportunities. Our managed service provider is out in the wider world, keeping on top of what’s new in IT,” said Dunthorne.

“We are a unique business, South Australia’s premier performing arts venue, and Data#3 made an effort to understand what we do.”

Dunthorne cites communication as Data#3’s greatest strength, with ‘nobody left in the dark, a massive plus’. With the help of Data#3, the team is not yet finished with seeking savings on its cloud costs.

“We are happy with the level of savings we achieved, but we haven’t finished yet, we can now identify further potential savings,” she concluded.

1. Gartner (2018). Software Asset Management for the Cloud: Consumption Management and Optimization Take Center Stage. [Online] Available at: https://www.gartner.com/en/documents/3894124/software-asset-management-for-the-cloud-consumption-mana

It’s clear the pursuit of transformation is no longer a choice, but how do you find your way. The good news is that others have successfully undertaken this journey. It makes sense to leverage the experience of experts who have done it before.

Watch this video to learn how Data#3 worked with the Melbourne Cricket Club/Melbourne Cricket Ground on its digital transformation journey. Ultimately, helping to enhance customer experience and improve business processes leveraging digital technology.

MCC Keeps Technology on the Ball with Help from Data#3 Maintenance Solution

Objective

With over 3.5 million fans attending the MCG annually, the Melbourne Cricket Club (“MCC”) needed full visibility of their highly available networks to meet the intense demands of match-days.

Approach

Implement a long-term Cisco maintenance contract for maintenance and support services including ad-hoc support, out-of-hours support, and on-site support.

IT Outcome

  • Certainty of an Original Equipment Manufacturer (OEM) backed contract with local expertise
  • A high-touch engagement model to ensure fast access to on-site support
  • Support for very high uptime demands

Business Outcome

  • Maintenance and support saving more than $300k over three years
  • Better visibility of assets, including all renewal information

“Communication is a key to success when working with a partner in a demanding IT environment. We stay in touch with the Data#3 team frequently to ensure we don’t miss a thing. I cannot speak highly enough of the Data#3 team and the way they have engaged with us.”

Rey Sumaru, General Manager of IT and Innovation, Melbourne Cricket Club

The Background

Affectionately known as ‘the G’, the MCC’s Melbourne Cricket Ground hosts many of Australia’s most popular sporting events. It is also home to events, functions, and the National Sports Museum.

Supporting everything from ticketing and security to visitor Wi-Fi, the highly available network built by the MCC’s IT team prioritises redundancy. Ongoing support was needed to ensure its Cisco systems performed with utmost reliability.

The Challenge

Facing high costs and limited visibility of the Cisco environment, the MCC was due to renew its Cisco support contract. With just weeks until the Boxing Day Cricket Test, MCC General Manager of IT and Innovation, Rey Sumaru, said it would have been simple to renew with the MCC’s current provider.

“It is easy to stay with who you know, but that isn’t always the answer,” said Sumaru.

“Our previous dealings with Data#3 had shown us the effort they make to understand how our business works.”

That business places extreme demands on the network, and failure is never an option.

“It is critical to have right business partner – we don’t get a second chance to get it right,” said Sumaru.

When tens of thousands of sports fans arrive to cheer their team, the MCC must be ready to greet them. Without its systems working, the show, quite simply, could not go on.

“The consequence would be that broadcast partners could not televise matches, the media couldn’t file stories, and we couldn’t get 70-80,000 people inside,” said Sumaru.

“Our access controls all depend on the network. Without them we couldn’t scan tickets or use the scoreboards – the critical infrastructure is what allows you to open the venue.”

Ensuring the right support is a vital part of maintaining the MCC’s systems, but time was running out to negotiate an agreement before the Ashes Test. When Data#3 extended an offer to provide support before contracts were signed, the MCC team recognised the ‘customer-first’ attitude.

IT Outcome

Within two weeks, the MCC team received an extraordinary level of intelligence from Data#3 about its own environment. Information-gathering identified which equipment was due for renewal or approaching end-of-life. This allowed the MCC to plan and budget more effectively for future needs.

“A partner who understands us is critical in our business,” said Sumaru.

“We met with the Data#3 executives and team, and that gave us a level of comfort that they were the right fit.”

The maintenance agreement includes support for the entire network, back-office and stadium. Data#3 also provides tailored customer success activities, using its Hub platform to manage assets, lifecycle management, support arrangements, case-logging and incident management. The transparency and ease of access afforded by Data#3’s Hub platform allows the MCC team complete visibility of its environment and status.

“After a situation with little visibility, we can now see what we are dealing with,” said Sumaru.

Included in the agreement was a balance of service time to assist with ad-hoc support for game days and out-of-hours support, with on-site support quickly available around the clock.

“It is less stressful knowing we have backend redundancies, and a partner willing to jump on board to help, whenever we need them,” said Sumaru.

“They are very responsive.”

Given the tight time-frame, the transition to a new support partner had to occur very quickly, but it was a smooth process,” said Sumaru.

“Data#3 made the transition easy for us.”

Business Outcome

While initially the plan had been for a shorter timescale, Data#3 was able to identify greater savings from Cisco by locking in an associated financing model under a long-term contract. It was a move that will save the MCC $300,000 over three years.

“The budget certainty gives the MCC ‘greater certainty’, but it is the assurance of ready, on-call support that is most important, given the potential cost of failure.” said Sumaru.

“Cisco were very engaged from day one, and it gave us a level of comfort that they knew what was in place. They are complemented perfectly by Data#3’s local expertise.”

By gaining visibility of IT assets and related support coverage, the MCC has been able to mitigate risk of failure and of licence non-compliance.

“Without the right coverage, we could have been exposed to unacceptable risk,” said Sumaru.

“Technology is a key platform for our operations, and without it our stadium couldn’t operate.”

“Communication is a key to success when working with a partner in a demanding IT environment,” said Sumaru, who values the relationship his team has established.

“We stay in touch with the Data#3 team frequently to ensure we don’t miss a thing,” said Sumaru.

“I cannot speak highly enough of the Data#3 team and the way they have engaged with us.”

Conclusion

Ensuring ongoing availability of an outstanding network is something that cannot be left to chance for the MCC team, and Sumaru is happy that with Data#3 and Cisco, it is in safe hands.

“They took time to understand our business, and often vendors don’t take that time,” said Sumaru.

His advice is to start researching available options early, to give plenty of time to make decisions.

“Don’t assume that your current partner is the best without checking the other available options.”

With support in place, and exceptional redundancy built in, the MCC can continue to offer the thrilling visitor experience it is famous for.

“For a typical match, we cater for 70,000 visitors to log on, and we get consistently good feedback on how good our Wi-Fi is,” said Sumaru.

“These days, technology is all part of the show that the fans love at the MCG.”