Spang Strengthens Cyber Resilience With eGroup

Spang & Company strengthened cyber resilience with eGroup ThreatDefender, gaining 24×7 monitoring, faster response, and better support for supply chain security expectations.

About This Project

Spang & Co.

Client

1894

Established in

Pittsburgh, PA

Location

Partner Technologies Used

Microsoft E5, Microsoft Defender, Microsoft accounts, Conditional Access, Microsoft Secure Score, impersonation protection settings

Project Highlight

Spang partnered with eGroup ThreatDefenders to strengthen cyber resilience, reduce risk, improve response speed, and support growing supply chain security expectations.

Cybersecurity For A Critical Supply Chain Partner

When your products are embedded inside critical systems and processes, a cyber incident isn’t just an IT disruption. It can become a reputational risk and a supply chain problem.

That’s the high-stakes environment in which Spang & Company has operated since 1895. Spang is a trusted supplier in global industrial and electronics markets. Yet according to VP of IT Brian Buddemeyer:

“We’ve got a small team supporting a lot of people distributed all around the world.”

That combination of global reach, critical products, and a lean IT team made cyber resilience essential.

So, Spang partnered with the ThreatDefenders, eGroup’s 24×7 global cybersecurity team. For Mr. Buddemeyer and other Spang executives, the value of ThreatDefender became clear almost immediately, in ways that protected both its supply chain responsibilities… and its reputation.

Rising Risk And Expectations, Limited Bandwidth

Spang already had security systems in place before ThreatDefender. The problem wasn’t the lack of tools. As a Microsoft E5 customer, the company was already invested in Defender’s capabilities.  

The problem was that a lean internal IT team didn’t consistently have the time for around-the-clock monitoring, investigation, and response. “We’re the typical story of a small group with resource constraints who know that we can’t do enough in an ever-changing threat landscape,” Buddemeyer said.

The result was an ad hoc security process. Alerts were addressed when something obvious surfaced, but deeper investigation often did not happen. 

“No one was really going back and looking at alerts or patterns,” Buddemeyer said. “There was just never enough time for attention to be given to monitoring and response, let alone proactive work.”

When Brian initially proposed a Managed Security Service Provider, executives asked why he didn’t simply hire a security specialist for the same cost. His answer was blunt:
“I looked them in the eye and said, because I know full well it’d be about two weeks before I pulled them off of that work and reassigned them to more important things!”
At the same time, pressure from outside the business was increasing. Cyber insurance requirements were rising. Customers and supply chain partners were sending tougher security questionnaires. For a multinational manufacturer with a key role in the supply chain, the possibility of internal disruption and lost trust from customers tipped the scales toward investing with a security partner.

“We’re the typical story of a small group with resource constraints who know that we can’t do enough in an ever-changing threat landscape,”

Brian Buddemeyer (VP of IT, Spang & Co.)

Why Spang Chose eGroup’s ThreatDefender

What stood out about eGroup was its Microsoft-native approach. Instead of introducing another disconnected toolset, ThreatDefender was built to extend the value of Spang’s existing Microsoft investments.

“eGroup is Microsoft-native and is using all the tools that we already own,” Buddemeyer said. “That kept us from the expense and complexity of a multivendor environment that we don’t need to have.”

Partnership Shows Immediate Value

One incident involved a file that could have turned into a ransomware event. The other involved malicious email activity that could have spread beyond Spang’s walls to trusted contacts.

In the first incident, the threat began quietly. Malware linked to what Buddemeyer described as “a potential ransomware event” landed in a user’s downloads folder.

But before Spang’s team had time to discover it on their own, ThreatDefender had already seen it, recognized the risk, and started moving.

“The ThreatDefender team found and warned us about it in near-real time,” Buddemeyer said. “Then they took action to isolate and monitor the machine even at the same time they were letting us know.”

While the user experienced what looked like a connectivity problem, the real story was unfolding behind the scenes… eGroup was isolating the machine, investigating the payload, containing the ransomware before it could execute or spread.

“Complete containment,” Brian recalled. “Those are certainly magic words where taking immediate action was prudent.”

What could have become a disruptive ransomware incident instead became, in his words, “A scary 45 minutes or an hour” that ended with a clean machine, no blast radius, and no business interruption.

The second incident involved a trusted sender delivering a malicious attachment to a Spang user.

Once opened, the adversary attempted to replicate through the infected user’s address book.

It was a real possibility that Spang itself could become the source of malicious email sent to employees, partners, customers, or other outside contacts.

Again, the response was fast and disciplined. ThreatDefenders helped Spang investigate the path of the threat, remediate the user’s device and Microsoft account, trace where the malicious message had gone, and warn recipients.

“We were able to zap the malware from all other mailboxes,” Buddemeyer said. “No one else in our environment opened our user’s malicious email,” nor had any outside contacts.

The entire incident was resolved in an hour.

“By the time this incident had made it to my personal awareness, it was being wrapped up,” recalled Buddemeyer.

Continuous Improvement and Better ROI

That kind of assurance may be priceless to a brand’s reputation but Spang has found a practical economic advantage with ThreatDefender. Building a comparable internal function would require a team, and Buddemeyer’s take on the alternative was straightforward:  

“It is financially much, much better than hiring a team. In fact, it’s a better deal financially than even one full-time person.” 

“It is financially much, much better than hiring a team. In fact, it’s a better deal financially than even one full-time person.” 

Brian Buddemeyer (VP of IT, Spang & Co.)

While Buddemeyer said the biggest change has been “Our comfort level that we’re investigating more potential anomalies,” ThreatDefender has also changed how Spang manages security day to day.

eGroup helps with vulnerability response, hardening recommendations, secure score review, and targeted improvements such as changes in conditional access and impersonation protection settings.

The result is a more mature, co-managed security posture, without the Spang team carrying the full burden alone. 

That continuous improvement puts Spang in a better position to comply with customer expectations. as “the market’s expectations” for supplier cybersecurity “have ratcheted up over time.”

Today, when customers send security questionnaires and ask tough questions, “we can give them sufficient answers.” Before ThreatDefender, “that was a lot more difficult.” 

ThreatDefender helped contain a potential ransomware event before it could execute, spread, or disrupt the business.

ThreatDefenders investigated, remediated, and helped resolve a malicious email incident in about an hour.

Spang gained 24x7 monitoring and response support for less than the cost of building an internal security team.

Outcome

Spang did not need more dashboards. It needed a dependable way to reduce risk, respond faster, satisfy supply chain expectations, and let its internal team focus on the business. eGroup ThreatDefender delivered that. As Buddemeyer put it, 

“We definitely feel better knowing that someone is watching our systems and our endpoints and our network while we’re asleep. And if they can’t wake us up for something that looks bad, they will start work without us.”  

For a company whose products help other manufacturers, operators, and engineering teams keep their own businesses moving, that kind of protection helps preserve trust in the supply chain, strengthens Spang’s position as a dependable global partner, and give customers confidence that resilience is part of the value they receive. 

Buddemeyer was direct about the impact:

“It is fair to say we might have had at least one reportable incident that we were able to avoid. And that’s huge.”

Today, when customers send security questionnaires and ask tough questions, “we can give them sufficient answers.” Before ThreatDefender, “that was a lot more difficult.” 

Brian Buddemeyer (VP of IT, Spang & Co.)

Strengthen Your Cyber Resilience With eGroup

Get 24×7 security monitoring, faster threat response, and Microsoft-native guidance that helps reduce risk without adding internal complexity.

Low Key Lighting Shot Of Female Computer Hacker Sitting In Front Of Screens Breaching Cyber Security
Get in Touch with Us

Connect with an expert to learn what we can do for your business.

Request Access to Win Wires

Enter your work email to request access to the eGroup Win Wires repository.

By requesting access, you confirm you are using an approved business email domain. You’ll receive a secure, one-time login link after returning to the Win Wires page.