Center Parcs
Starting with network visibility
“We do joke that we’ve brought 5G and WiFi to the forest,” says Haider Kubba, Group Information Security Officer at Center Parcs. Guests at Center Parcs locations are more likely to see a red squirrel or a deer than they are to spot a wireless access point. But that doesn’t mean seamless connectivity in the middle of a pristine wilderness is either impossible or undesirable for visitors.
“You can order food, or pay for an activity, with a QR code and smartphone – but you don’t need either of those to enjoy your stay – you can ditch the electronics altogether,” Kubba continues. “A lot of what we do is to give guests as much freedom from technology as they want during their stay.”
For Center Parcs and Kubba, the network is just the tip of a cybersecurity capability powered by Darktrace – one that now extends right to guests’ mobile devices with a new cloud app.
Kubba joined Center Parcs in 2017 as the company began to pursue PCI-DSS compliance in earnest – and took on the challenge of building a strong security foundation for what was then a midsized company.
“We didn’t have anyone showing up every day with cybersecurity as their responsibility. Everybody was doing their bit – and doing it well – but it wasn’t the reason they woke up every day and went to work.”
The company was still too small to have its own dedicated SOC / SIEM, and a new approach, mentioned by a couple of fellow CISOs, appealed.
“They mentioned this wonderful company coming out of Cambridge that did security with AI at the Network layer and that got my interest,” says Kubba. At the time, Advanced Threat Protection was a popular approach, but it often proved too cumbersome for most. “Understanding and having visibility of your network traffic is, more often than not, your frontline defense as an organization. The first time we connected the Darktrace device and booted it, we definitely had an ‘Oh. Wow.’ moment.”
The eye-popping insight wasn’t confined to cybersecurity.
“Suddenly the network engineers had visibility of how things were actually connected, not just how they should look in a Visio diagram. It gave insight into their network as they planned and architected it.”
That aside, Kubba could see immediate benefits for his area of responsibility.
“With the power of AI, with the 24 by seven support we have with Darktrace, I felt that whatever was going through my network, now I had someone looking at it – a team where I previously didn’t have a team that was there at the spearhead, looking out for threats.
“That was the point at which I felt, ‘OK, we’ve secured this as a start.’ We’ve had so many recommendations come out of this relationship since – and that’s how we started using Darktrace, and where we began walking into more of what they could offer us.”
Sudden change – and adapting communications securely with a single platform
Kubba picked up Darktrace / EMAIL and / IDENTITY just as the pandemic kicked off. The new pressures on remote working infrastructure – with all staff obliged to collaborate remotely – soon proved their worth. Accustomed to meeting in person, the staff at Center Parcs quickly adapted to working over Teams conference calls. Kubba brought in Darktrace / EMAIL to secure workforce collaboration at short notice, adding a layer of protection over and above existing tools.
“I looked at several products from an email perspective, and, for us, Darktrace really did everything well and protected us straight away,” explains Kubba. “We already had some email protection, and we put Darktrace / EMAIL in after. It caught several mails that our native email security missed out – way more, in fact.”
Darktrace / EMAIL also proved its worth in preventing account takeover. Budget consolidation soon followed – as did Darktrace / IDENTITY, a further investment aimed at extending this feature beyond email to other SaaS collaboration platforms, including Microsoft Teams and SharePoint.
Securing the cloud
Security has been a consideration for new development from the start during Kubba’s tenure, not least to ensure that security plays an enabling role from the get-go. Nowhere is this more the case than with cloud adoption at Center Parcs. His background as a developer and as a manager has meant he can ask questions early – and make a positive difference. Center Parcs was to continue its growth story by bringing cloud-enabled services to employees and guests alike.
The vital part for Kubba is being proactive to ensure that, whatever the business wants to do next, it and its guests are protected. The same applies to moving apps and services to the Cloud.
“The great thing about Cloud adoption is its Agile nature. People can spin up infrastructure when they need it. The less good thing is that, for every hundred people doing it, one might make a mistake,” says Kubba. “Darktrace / CLOUD means you can make sure it’s done securely every time. I get visibility of potential security risks – such as if, say, someone has accidentally created an S3 bucket that’s visible to the public.”
At Center Parcs, Kubba has a line into both the infrastructure and service delivery teams, meaning that when something new is in the offing, he is one of the first to be consulted – and can advise on how to make a new service or infrastructure secure before the fact, not after. In this case, that meant picking up Darktrace / CLOUD.
He saw Darktrace as part of the solution, speeding up delivery and increasing cadence as the digital team developed a new app for Center Parcs guests.
“Believe it or not, it’s the same use case for Darktrace / CLOUD [as Center Parcs had for previous Darktrace applications] just for a different platform,” says Kubba. “I started having a lot of conversations with the digital product owner, who is in charge of all of our digital estate, all the way down to the developers, about how security could support their work from the start. It became very clear that they wanted to move very fast, but while they could come up with all this code very fast, testing would need to look at it, then security – and it threatened to become a ‘hurry up and wait’ problem when every business knows, being first is generally the best.”
“I have conversations with everyone, from the management through to developers. I trained as a developer at university, so I can have conversations at that level. They wanted to move fast, but there was a bit of a ‘hurry up and wait’ issue. They’d write all this code, then testing would take a look, then security would need to scan it and so on. What I wanted to do was eliminate this reduction in cadence and delivery,” explains Kubba. “That’s where Darktrace / CLOUD comes in. We can at least take away the security burden so we can increase delivery and increase cadence.”
“Cloud audit logging and audit review, and the flexibility of cloud in general, is amazing for business – but it’s also a challenge for security, and it’s on the security team to say ‘Yes, we can absolutely make this happen securely’.”
“With Darktrace, I know my cloud formation, my cloud infrastructure, the environment a lot of guests will be interacting with, is secure.”
From the start, Darktrace has given Kubba and Center Parcs the confidence to act positively and proactively to change, from the early days of protecting the network edge through to doing the same with the latest cloud-based apps for guests.