ControlScan MDR Adds Critical Expertise, Manpower to Weigel’s Threat Detection and Response

Since 2009, Weigel's has looked to ControlScan to protect its critical operating systems and sensitive customer data.

Success Story: How Convenience Store Retailer Weigel's Achieved Continuous Threat Prevention with ControlScan Managed Detection and Response (MDR)

Weigel’s Farm Stores (Weigel’s) operates a chain of convenience stores in East Tennessee. From its humble
beginning in 1931 when it began selling raw milk produced from its “herd” of four cows, the fifth-generation, family-owned business has grown steadily and today includes 68 stores, employing more than 3,000 team members.

With its polished store aesthetics and high-quality products, Weigel’s continually advances the convenience store model, establishing industry best practices that transcend far beyond the southeastern United States.

While expanding both its physical and digital footprint over the past several years, Weigel’s realized its cybersecurity vulnerabilities had become more prominent, involving a complex network that includes critical operating systems as well as sensitive customer data. Protecting those assets is paramount to preserving its reputation as an industry-best retailer with fiercely loyal customers.

The Challenge: Keeping Up with Network and Endpoint Security

The convenience store industry has come under siege by data attacks, with cyber criminals targeting critical operating systems as well as customer card information. The attacks have yielded significant returns—little surprise, as most retailers are ill-prepared to prevent these sophisticated attacks from compromising their endpoints.

“The convenience store industry operates on razor thin margins, and unfortunately IT is usually the last thing considered,” says Greg White, IT director of Weigel’s. “Malicious groups understand that, and they are focusing their attention on us. They recognize the vulnerabilities and opportunities.”

With limited IT resources and a staff that was already strained, managing security threat detection and response internally became impractical for Weigel’s. Much of White’s team spent a disproportionate amount of time updating legacy antivirus products, leaving them little time to attend to proactive threat management. “None of us were getting any sleep at night,” White says. “Our staff is so small, we were responding to calls and looking at logs at two o’clock in the morning. It was impossible for us to keep up.”

Choosing a solution was fraught with challenges. Weigel’s needed advanced protection that didn’t compromise performance and that was compatible with its existing hardware infrastructure. No easy task. It also had to be easy to deploy, maintain and update, thereby freeing its IT staff to attend to other corporate security concerns. And most important, it needed to deliver results, not promises.

The ControlScan Solution: Managed Detection and Response

After assessing Weigel’s risks and internal IT capabilities, ControlScan recommended its Managed Detection and Response (MDR) service to effectively manage the company’s network and endpoint security.

The ControlScan MDR service includes a rich mix of crucial threat detection and prevention activities, powered by SIEM and AI-driven endpoint security. But while these components automate critical tasks (at impossibly fast speeds), it is MDR’s human monitoring that ensures everything runs smoothly.

MDR taps the abundant resources of ControlScan’s Security Operations Center (SOC), a 24x7 operation that provides comprehensive threat monitoring, detection and targeted response services. That’s dedicated, high-level expertise that maintains watch over the security of a network, no matter its complexity.

MDR relieves the strain placed on internal IT departments, identifying intrusions in real-time and preventing them from executing on system endpoints.

Capabilities include:

  • Running targeted threat hunting sequences to trace anomalies;
  • Examining alerts to separate true concerns from false positives; and
  • Addressing and mitigating threats in real-time.

Additionally, the ControlScan MDR service alleviates the time-intensive chore of maintaining logs, as it collects, aggregates and normalizes an organization's log data from servers, endpoints, applications and security devices. This delivers a critical time and resource savings, freeing up IT resources to focus on growing their company’s business.

“With ControlScan, I know that I’m secure. I’ve got a partner that is monitoring my system 24 hours a day. And that takes a lot of pressure off me and my team.” - Greg White, IT Director, Weigel's

The Result: 24x7 Eyes on the Weigel's Network

Since deploying ControlScan MDR across its network and endpoints, Weigel’s has achieved continuous, real-time insights into the security of its entire enterprise, all while under the watch of experts at the ControlScan SOC.

The numbers tell a compelling story:

  • 68 stores
  • 69 POS systems
  • 145 endpoints
  • 68 wireless devices

With MDR, Weigel’s can access automated reports from any digital device, neatly organized in a customized, online dashboard. “At a glance, I can quickly find any security event or incident; who’s logged into our system, PCI logs, authentication reports,” White says. “If I see something unfamiliar, I can investigate it.”

Weigel’s retains control over filtering, adding customized rules to comply with corporate guidelines. “We don’t want our people on social media during work, for example,” says White. “So if they do access these types of sites, we get an immediate alert. These alerts help us maintain a secure environment.”

ControlScan notifies Weigel’s of all questionable threats, allowing it to act against real ones while dismissing those that are inconsequential. Either way, everything is addressed immediately, and real intrusions are appropriately elevated and addressed.

Asked to summarize the ControlScan relationship, White says, “Unless you have a partner with cybersecurity specialization and round-the-clock operations like ControlScan, you’re doing it yourself. Or worse, not doing it at all. And if you’re doing it yourself, you’re not sleeping.”

Download Success Story