Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Learn how EDR and threat intelligence can be used to defend against ransomware. Join our webinar on June 23rd.

Overview

Ensuring threat visibility across a hybrid cloud network

A national homebuilder was concerned that it lacked the technology and resources to identify when it was being targeted by cybercriminals. By partnering with Redscan, the company has elevated its security maturity and is now able to detect and respond to threats more swiftly and competently than ever before.

Redscan case study
Industry
Property

The Challenge

Summary

  • Growing use of cloud services
  • Dispersed and mobile workforce
  • GDPR and PCI DSS requirements

As a leading national housebuilder with a large and very mobile IT estate, this organisation has the potential to be an attractive target to cybercriminals. The dispersed nature of the company’s workforce means that it relies heavily on carefully selected cloud services to enable and facilitate employee and subcontractor access to systems and data, both in the office and whilst in the field.

Security logs were not being consistently captured, analysed and correlated, leaving the organisation at risk of attacks without any visibility of them. There were also concerns about whether the business was doing enough to satisfy the requirements of the GDPR and PCI DSS.

The organisation needed a security capability that would enable it to effectively monitor and protect important data and assets, 24/7/365. But with a small team, the company’s Head of Technology & Cybersecurity knew it lacked the resources to build this capability in-house – it needed a security partner to provide support and expertise.

“As an organisation using digital technologies to support the development, delivery, support and sale of our homes, we recognised that we needed a more cohesive solution and strategically aligned partner to help us deliver the majority of the required cyber security operations effectively.”

“We now know we’ve got eyes on our critical assets and that those events are being looked at, scrutinised, triaged and qualified as legitimate or false positives. That is night and day in contrast with where we were before our relationship with Redscan.”
Head of Technology & Cybersecurity
Housebuilding Company

The Solution

After a rigorous tendering process, the homebuilder selected Redscan as its cyber security partner. It did so in recognition of the fact that Redscan demonstrated a clear understanding of its needs and offered a set of well-integrated and expertly supported tools to address them.

ThreatDetect™, Redscan’s award-winning Managed Detection and Response service, supplies the people, technology and intelligence needed to quickly identify and respond to current and emerging cyber threats. For a cost-effective annual subscription, ThreatDetect provides extensive visibility across the company’s infrastructure, and in doing so, reduces their mean time to detect and mean time to respond to threats. ThreatDetect’s Security Operations Centre professionals operate as a virtual extension of the organisation, providing notification of genuine incidents and actionable mitigation guidance to help respond swiftly and effectively to them.

The Head of Technology & Cybersecurity says: “Redscan’s excellent alignment to a cloud-first ethos matches ours perfectly and is ideal for our highly mobile workforce. The scalability and reliability of Redscan’s service gives us the confidence that our cyber security is being maintained very effectively and will support the growth of the business. Our expectations and needs have been met exactly, and this is true from the first stage of engaging with the team at Redscan as a potential partner, through to onboarding and now on an ongoing operational basis.

 

The Results

Validated security alerts
While the organisation had already implemented several initial capabilities to help prevent cyber-attacks, it wanted to elevate its cyber security maturity by enhancing its ability to proactively monitor for threats capable of evading these controls. In an average month, security events across the company’s infrastructure generate hundreds of security alerts. Without ThreatDetect, the team would not have the time to investigate, analyse and triage all of these alerts to validate whether they are genuine and require a response. The business now has the assurance that its infrastructure, including over 1100 endpoint devices, and its corporate website, are being constantly monitored and, when its team receives notification of incidents, they are ones which genuinely require attention.
Actionable outcomes
Redscan provides the insight and mitigation guidance the team needs to be able to quickly detect and respond to incidents. Incident information is shared securely via CyberOps™, Redscan’s threat management platform. When an incident is raised by Redscan’s SOC team, the company's cybersecurity team receives a notification and a prompt to log into the CyberOps to view information about the incident, its possible risk to the business, and actionable advice about how to respond to it. The company is now confident that if an attack does occur, it will be in a position to act quickly and effectively.
Extensive visibility
To enhance threat coverage and visibility across its network, ThreatDetect integrates with the company’s Microsoft 365, Cisco Meraki, Cisco Umbrella, Cradlepoint NetCloud, Fortinet FortiGate (firewall) and SpyCloud (dark web monitoring solution) solutions. Internal and external vulnerability scanning is also conducted as part of the service, which helps the business proactively identify and address vulnerabilities across its infrastructure.
Swift service deployment
By choosing ThreatDetect, the company has been able to quickly level up its security capabilities. An incredibly smooth and efficient on-boarding process means that ThreatDetect took less than two months to deploy, decreasing the time that the organisation has taken to see to value, and all without any disruption to the business.
Exceptional service
The organisation values the high-quality service it receives from Redscan. In a recent survey, the company awarded Redscan 10 out of 10 for speed of response to incidents, quality of advice and the high standard to which Redscan responds to its needs.
Improved situational awareness
As well as security insights provided through CyberOps, the team receives monthly service reports and weekly threat intelligence updates. These help to enhance situational awareness and ensure that security risks are communicated to key stakeholders across the business.. The team also benefits from regular service reviews with a dedicated Technical Account Manager.
“Thanks to Redscan, we’re in an infinitely better place now. We have got more visibility than we ever had, and critically, in all the right places. I can now sleep easy knowing that Redscan’s expertise is protecting our business.”
Head of Technology & Cybersecurity
Housebuilding Company