Established in 1920 and listed on the Australian Securities Exchange, Reece Group is a leading distributor of plumbing, waterworks, and HVAC-R products to commercial and residential customers. The company has approximately 7,000 employees committed to improving the lives of their customers by striving for greatness every day.
As head of security, Shane Laffin is responsible for protecting Reece’s business-critical applications and information technology (IT) infrastructure from cyberattacks. “Our customers are at the center of everything we do, which means we take data integrity and cybersecurity very seriously,” he says. “We're always looking at the market, assessing what's out there. It's a changing landscape. You can’t rest on your laurels. We reached out to Cylance partner CyberRisk for assistance.”
Prior to co-founding CyberRisk, Director Leong Wang was among the first CylancePROTECT® customers in the Australian region. “As early adopters of AI-based endpoint defenses, we understood the technology very well,” says Wang. “Therefore, we were well-positioned to help Reece Group with its proof-of-concept planning.”
The Proof of Concept (POC) Begins
“We began the POC by exposing the candidate solutions to 200 different malware strains to baseline their capabilities for malware detection and pre-execution prevention,” says Laffin. “CylancePROTECT stopped all of them.” Next, the solutions were exposed to attack simulations that utilized the APT29 tactics, techniques, and procedures (TTPs) documented in the MITRE ATT&CK® framework. “The MITRE ATT&CK simulation tests were eye-openers,” says Laffin. “CylancePROTECT and CylanceOPTICS® excelled over the other products we were considering. Their performance was exceptional.”
Author’s note: Click here to learn how a recent MITRE ATT&CK APT29 evaluation validated the prevention-first approach to cyber defense provided by BlackBerry® Protect, BlackBerry® Optics, and BlackBerry® Guard.
Laffin also assessed the candidate solutions for management efficiency. “Simplicity is important to me,” he says. “The Cylance console is extremely straightforward and easy to operate. I could immediately see that the learning curve would be a short one.”
Within two months of deploying Cylance’s unified agile agent technology, Laffin and his team had CylancePROTECT security controls for malware prevention, memory exploit protection, script control, device usage control, and application control enabled in full blocking mode.
State of Prevention Achieved
Although security upgrades are ongoing, Reece Group has completed its transition to a proactive, prevention-first security posture. “Cylance has proven it can successfully address all of our endpoint protection, detection and response requirements from a security, operations and design perspective,” says Laffin. “By automating and streamlining threat management, they’ve enabled us to scale and support our growing global business.”
Please note: BlackBerry completed its acquisition of Cylance on February 21, 2019. CylancePROTECT® is now known as BlackBerry® Protect. CylanceOPTICS® is now known as BlackBerry® Optics. The Cylance console is now known as the UES console.