COFCO International lifts global food supply chain safety with Microsoft Defender solutions

COFCO International buys, sells, processes, and distributes vital agricultural commodities. Its infrastructure, especially its Linux environments running critical SAP applications, needed robust security that would not diminish system performance.

COFCO deployed a full complement of Microsoft Security solutions for a consolidated security posture, including Microsoft Sentinel and Microsoft Defender XDR.

The solution is reducing costs and complexity, decreasing the total cost of ownership associated with overseeing multiple security platforms. COFCO strengthened its defense against cyberthreats and laid a foundation for future security initiatives.

Deploying Microsoft Defender ensured that our supply chain system remained stable and highly secure, increasing our confidence in handling the global demands of our operations.

Asher Elazar, Global Head of Information Security, COFCO International

Supply chains are important to the flow of goods and services around the world. None is more essential than the agricultural supply chains that help feed and clothe the world’s population. These critical systems produce, transport, store, and distribute everything from raw materials to market-ready products.

From farm to table, COFCO International buys, sells, processes, and distributes vital agricultural commodities, meeting global demand for food and clothing through assets spanning six continents. The organization provides healthy, quality agri-food products to a quarter of the world’s consumers. A global agribusiness with headquarters in Geneva, Switzerland, COFCO International is the overseas agriculture business platform for COFCO Corporation, China’s largest food and agriculture company.

COFCO International’s infrastructure, especially its Linux environments running critical SAP applications, needs robust security. The company’s previous security solutions were fragmented and siloed, as a ransomware attack in 2017 made distressingly apparent. This breach—which took several weeks to resolve—underscored COFCO’s need for an integrated security solution that could keep such threats from disrupting global operations.

Asher Elazar, Global Head of Information Security at COFCO International, is charged with safeguarding the expansive infrastructure that supports this worldwide organization. As he says, “This incident was a red flag that prompted us to overhaul our security approach.”

Adopting a holistic solution

COFCO turned to Microsoft Defender for Office 365 to provide comprehensive protection without compromising system performance, crucial to the smooth functioning of its vast and diverse infrastructure. Given COFCO’s long association with Microsoft and its Microsoft Azure usage, the choice of Microsoft Defender solutions was a natural step. Defender for Endpoint, the Microsoft endpoint security solution, could be seamlessly tied into the company’s complex Linux and SAP systems. “We wanted something that interoperated directly with Microsoft Azure and could run with our critical applications such as SAP,” says Elazar.

The implementation of Defender across COFCO’s infrastructure marked a significant upgrade from its previous patchwork of security solutions. Interoperability within the Defender solutions allowed for real-time threat detection and response, significantly reducing the complexity and time required for security management. As part of its security solution consolidation, COFCO replaced Symantec with Microsoft Defender for Endpoint across Windows and non-Windows platforms.

The company adopted the Microsoft unified SecOps platform, which combines Microsoft Sentinel, a cloud-native, scalable security information and event management (SIEM) solution, and Microsoft Defender XDR. COFCO now uses the Defender portal to gain a unified view of all threats and alerts. The company uses this full visibility into its environment to assess and respond to threats more quickly.

“Microsoft Sentinel, with its ability to interoperate with multiple solutions and act as a hub to manage control and automation, has been particularly valuable for us,” says Pedro Relvas, SAP Basis Linux Principal Engineer at COFCO. “We deployed Microsoft Defender for Endpoint across different types of SAP workloads running on top of Red Hat Enterprise Linux and also Windows, achieving not just better security but also significant improvements in system management and oversight. The automation in our security solution has also been a huge success.” He adds that these SAP workloads run on top of a high-availability scenario, using a Pacemaker cluster. The deployment also extended to other critical areas such as Oracle and SQL databases, covering 90% of COFCO’s Linux server environments. The approach used by Microsoft Defender for Endpoint on Linux ensured zero workload disruption and a friction-free deployment across the fleet. COFCO is also using Microsoft Defender for IoT at its industrial sites to help safeguard products moving through locations with critical operational technology infrastructure from threats, such as destructive ransomware and targeted attacks.

“We’re using Defender for Endpoint across not only standalone SAP systems but also on the Pacemaker cluster nodes across SAP workloads, both ASCS & HANA Database nodes, because protecting those clusters from viruses and malware was crucial for us. We needed to ensure that the solution would function well with SAP, the backbone of the company. We knew if we could make Defender for Endpoint work for SAP, even with the detailed SAP specifications and complexity, we could do it with any other workload,” adds Relvas.

We deployed Microsoft Defender for Endpoint across different types of SAP workloads running on top of Red Hat Enterprise Linux and also Windows, achieving not just better security but also significant improvements in system management and oversight.

Pedro Relvas, SAP Basis Linux Principal Engineer, COFCO International

A greatly strengthened security posture

COFCO’s broad adoption of the Defender suite has delivered major security improvements across the enterprise. “Deploying Microsoft Defender ensured that our supply chain system remained stable and highly secure, increasing our confidence in handling the global demands of our operations," says Elazar. Those global demands potentially include adherence to regulations everywhere the company operates. “While we have no current compliance requirements, we want to be prepared to meet new regulations as they are enacted,” adds Elazar. “We’re confident that our Microsoft security solutions can address this when we need to.”

The company protected every layer across its corporate and industrial environments, both on-premises and in the cloud. It rolled out Defender XDR combined with Defender for Endpoint, Defender for IoT, Defender for Cloud, and Microsoft Sentinel. This enhanced the security of data flowing among platforms and across the global supply chain. The automation and integration with Defender simplified the security management process across multiple teams. With operations streamlined and five to eight hours’ time in security and vulnerability reviews saved monthly, the IT team could focus on strategic initiatives rather than routine security maintenance. By consolidating its security operations with Microsoft solutions, COFCO reduced costs and complexity, decreasing the total cost of ownership associated with overseeing multiple security platforms.

With Defender, COFCO not only strengthened its defense against cyberthreats but also laid a foundation for future security initiatives. The solution’s scalability and integration capabilities make it well suited to support COFCO’s growth and evolving security needs. Elazar says, “This project was about more than just adding a new tool; it was about transforming how we protect our global operations and ensuring we can continue to operate without fear of disruptions.”

Find out more about COFCO International on X, YouTube, and LinkedIn.