Reduces mean time to respond by more than half
With automation and other efficiency features in Elastic Security, THG has reduced mean time to respond to security events by 60%.
THG reduces first-line triage by half
With Elastic Security, THG has cut the time spent on first-line triage to 50%, enabling security experts to focus on proactive activities that protect the business.
Elastic snapshots help slash storage costs by 60%
With searchable snapshots in Elastic Security, THG has reduced the cost of physical storage by a massive 60%.
Ecommerce giant THG boosts efficiency and the customer online experience with Elastic
THG, formerly The Hut Group, is a U.K. ecommerce retail company that sells its own brand and third-party cosmetics, dietary supplements, and luxury goods online. It also provides ecommerce services to third parties through its Ingenuity division.
Since its launch in 2004, the business has evolved rapidly in response to new competitors, economic cycles, and a fast moving security landscape. The rapid pace of change is the main challenge for THG's technical and security teams who protect the business from cyber-attacks. Abraham Ingersoll, Chief Security Officer, THG, says, "Our goal is to reduce the time needed to enhance and secure our systems as the THG technology stack expands."
Elastic Security plays a central role in this approach. It is used by THG's security operations team to collect logs from its global systems, which include a growing number of SaaS platforms and the organization's zero trust platform. The team can then correlate data, identify security issues and notify the security operations team to take appropriate action where necessary.
Ingestion enhances business performance
Ryan Kennedy, Head of Security Engineering, THG, says, "With Elastic, we can add new data sources at any time. We're now pulling in as many as 25,000 events per second from about 100 different feeds. It all adds up to terabytes of data that we can use to enhance security and business performance."
"Elastic is much more than a log collection tool. It adds features and value that make a real difference to the security of the business."
THG is also taking advantage of Elastic's machine learning capabilities to identify security events. Kennedy says, "It helps us stay ahead of threats including fraud, data breaches, and denial of service attacks. We spot events that may go under the radar of other systems, including previously unseen attack vectors."
Boosting consumer confidence
By accelerating security and other business processes, Elastic supports a faster, optimized consumer experience. "Behind the scenes, Elastic enhances the end-user journey from browsing to check out," says Ingersoll. It also delivers peace of mind to the teams responsible for the safety and availability of THG systems. "When I'm walking around our offices, I always see Elastic dashboards being used by staff in different parts of the business," he says.
Kennedy explains how automation in Elastic Security lowers the time to respond to security incidents. "We can pull in logs and alerts from our security automation and response (SOAR) platform and identify patterns that indicate a threat. Elastic enables us to follow remediation playbooks automatically, reducing our meantime to respond to incidents."
Replacing multiple security vendors with Elastic's single pane of glass significantly boosts efficiency now that analysts are working from a consistent interface. In the past, the team used to spend up to 90% of their time on first-line triage. With Elastic it is just 50%. Alex Wilson, Head of Solutions, THG, says, "We can now focus more of our time on forward thinking activities such as threat hunting, detection, and response processes."
Protecting the business, reducing costs
To comply with business and regulatory needs, THG must store data in hot, warm, cold, and frozen nodes. For infrequently accessed and read-only data, it now uses Elastic's searchable snapshots in cold and frozen tiers, reducing dependency on more expensive storage hardware.
Looking to the future, Wilson sees opportunities to widen the use of Elastic across the organization, including implementing into acquired businesses that run on different technology stacks. He also sees potential for non-security activities such as monitoring application performance and uptime. "Standardizing with Elastic brings further economies of scale, reducing the risk and cost of using multiple logging and security systems," he says.