The global HVAC and fire systems manufacturer’s network of internal volunteers works in conjunction with the cyber team’s tooling and threat hunting strategy to foster shared responsibility for securing enterprise operations. Credit: PeopleImages.com - Yuri A / Shutterstock For enterprises that do business worldwide, cybersecurity can be a complex undertaking, as risks such as phishing attacks by threat actors continuously evolve across the globe to bypass traditional defenses wherever they may reside. Carrier Global, a provider of heating, ventilation, and air conditioning, refrigeration, and fire and security equipment, is a case in point. “Our global workforce, which includes on-site, hybrid, and fully remote employees, adds complexity to our security posture, as we must ensure consistent protection across diverse working environments,” says Thuy Tran-Korns, deputy CISO at Carrier. “Ransomware is another concern facing any organization,” Tran-Korns says. “We must constantly plan our business resilience to ensure that attacks do not impact operations and inflict significant financial damage. We are constantly enhancing our incident response plans and recovery processes to mitigate the impact of such attacks.” The use of artificial intelligence (AI) in attacks is another growing concern, according to Tran-Korns. “AI-driven threats are becoming more sophisticated, enabling attackers to automate their campaigns and execute attacks at scale,” she says. “This underscores the need for us to leverage AI in our defensive strategies as well, to identify and neutralize threats proactively.” Fortifying security In response to these risks, Carrier has fortified its cybersecurity measures, deploying the latest solutions and fostering a culture of security awareness throughout the organization. Thuy Tran-Korns, deputy CISO, Carrier Carrier “Our defense strategy is not only about technology, but also about empowering our people to be the first line of defense against cyber threats,” Tran-Korns says. “We are committed to maintaining a secure environment that protects our assets and the data of our customers, ensuring that Carrier remains a trusted name in the industry.” Carrier has deployed advanced technology solutions, streamlined processes, and emphasized personnel development through comprehensive training programs every month. “We use the latest cybersecurity solutions along with end-user awareness to create a comprehensive defense-in-depth strategy,” Tran-Korns says. The security awareness training includes monthly training sessions and simulations to ensure that all team members are equipped to recognize and respond to potential threats. “We also made significant process changes to bolster our cybersecurity posture,” Tran-Korns says. “This includes the implementation of stricter access controls, regular security audits, and the adoption of a proactive incident response strategy.” Carrier has integrated security information and event management (SIEM) systems, enhanced its endpoint detection and response (EDR) capabilities, and employed automation to detect and mitigate threats more efficiently. “These concerted efforts have not only strengthened our cybersecurity infrastructure, but also aligned with our business values and mission, positioning us as a leader in digital security within our industry,” Tran-Korns says. Collaborative approach One such collaborative Carrier cybersecurity initiative, its project around enterprise phishing defense, which centers around people, tools, and “the hunt,” has garnered industry recognition, including a 2024 CSO Award, honoring security projects that demonstrate outstanding thought leadership and business value. Since being launched in April 2021, the program has been instrumental in reporting more than 77,000 advanced threats that have bypassed security tools, according to Dennis Legori, associate director of security awareness and digital communications at Carrier. Dennis Legori, associate director of security awareness and digital communications, Carrier Carrier The people aspect of the project refers to the Carrier Enterprise Defender’s global network, a community of volunteers who discuss suspicious activities, share best practices from adaptive training, and receive real-time support from the security operations team. “This collaborative environment empowers users to become active participants in cyber defense, fostering a sense of shared responsibility,” Legori says. The tools aspect encompasses the use of defense-in-depth strategy, including a secure email gateway that scans more than 2.2 million emails a day. “It also involves endpoint security and other tools that contribute to a robust cybersecurity defense system,” Legori says. And the hunt aspect focuses on the investigation of sophisticated threats that slip past technology. “This proactive approach educates and empowers our users to identify and report phishing threats, such as deceptive emails or malicious links, ensuring an effective and collaborative defense system,” Legori says. “Through this collective vigilance, we enhance our security posture and maintain a resilient enterprise against cyber threats.” Centralized model Implementing a cybersecurity a strategy in a global organization that operates across 160 countries and comprises more than 75 brands presents unique challenges, Tran-Korns says. When Carrier spun off from United Technologies in 2020, it made a shift to a centralized shared services model. “This shift requires a nuanced approach to ensure consistent cybersecurity standards while accommodating the diverse operational needs of each business unit,” Tran-Korns. To address this, the company established a Digital Cybersecurity Council, which plays a pivotal role in aligning cybersecurity strategies across the organization. The council, which includes representatives from various business units, ensures that cybersecurity policies and practices are effectively communicated and implemented throughout the organization. This approach equips all entities within Carrier with the latest cybersecurity tools, ensuring they can swiftly respond to threats without incurring crippling costs to the business, Tran-Korns says. “Through these measures, we have navigated the challenges of implementing cybersecurity solutions in a complex, global organization, ensuring a secure and resilient digital environment for all our stakeholders,” Tran-Korns says. To secure business buy-in for security initiatives, “we engage with key stakeholders across the business to understand their concerns and objectives, ensuring that our security initiatives support their goals,” Tran-Korns says. This has fostered a sense of shared ownership and commitment to cybersecurity projects, she says. “We showcased the ROI [return on investment] of our security program by highlighting not just the risks to the company, but the efficiency gains from streamlined security processes and automation,” Tran-Korns says. “By presenting cybersecurity as a strategic investment rather than a cost center, we have successfully garnered the support and buy-in necessary to implement our security initiatives.” Carrier’s security program closely aligns with its business values and mission, Tran-Korns says. “The successful integration of our cybersecurity initiatives has bolstered the trust of our clients and partners, reinforcing our reputation as a secure and reliable entity in the industry, she says. “This alignment has also facilitated smoother operations, reduced risk, and fostered innovation, contributing positively to our overall business objectives and growth trajectory.” SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe