Cookie Notice

We use cookies to analyse site traffic and optimise your browsing experience. Accepting necessary cookies is required to provide you with a minimum level of service. Read Cookie Statement

Get In Touch
Contact Us

Contact Us

Please get in touch using the form below

1000 characters left
I prefer to be contacted by:
View our privacy policy
Book a penetration test today. Get in touch.

Overview

Overcoming security challenges with a managed service

With prestigious corporate investors and banking partners, this independent global asset manager has a responsibility to provide exceptional data and network security.

It reduced the risks to its business and aligned with the requirements of financial regulators by subscribing to Redscan’s award-winning Managed Detection and Response service.

Case Study
Industry
Finance
HQ
UK

The Challenge

Summary

  • Need to protect high-value assets
  • Reputational repercussions if breached
  • No visibility beyond the perimeter
  • Growing regulatory pressures

All businesses in the financial services industry need robust IT security, and this organisation is no exception. The organisation manages assets for a wide range of clients and is keenly aware of its responsibility to protect all related information.

Critically, the firm also needs to ensure that there are no weaknesses in its own network that might be exploited by hackers as a means of infiltrating the networks of its many financial partners. The Head of IT Infrastructure says: “If hackers were to see us as an easy target, they might try to use us as a back door into the systems of our counterparties, and this would cause immeasurable damage to our reputation.”

The organisation had antivirus software and firewalls, which provided an essential first line of defence. However, if hackers or malware were to penetrate these barriers, it had no means of monitoring its IT infrastructure to detect unauthorised activity on its network. The Head of IT Infrastructure says, “There were times when we noticed PCs acting oddly, even when our antivirus software gave them the all-clear.” The organisation therefore decided to implement proactive network monitoring to improve its IT security and reduce the risks to its business.

The organisation was comfortable that it complied with the IT security standards set out by the Financial Conduct Authority (FCA) in the UK, and other similar regulatory bodies around the world, but it anticipated that these industry requirements would soon become more stringent.

The Solution

Summary

  • Reduced load on in-house team
  • Enhanced visibility
  • Comprehensive security insight

The small IT team was familiar with Intrusion Detection Systems (IDS), however, as The Head of IT Infrastructure explains, such solutions “generate a huge amount of reporting data, which no one person can monitor.” He estimated that he would need to employ “a dedicated team of at least 2-3 extra people to make an in-house IDS work,” which was cost prohibitive to the business.

Then, he discovered the subscription-based Managed Detection and Response service from Redscan. Qualified security experts from Redscan monitor IDS alerts 24/7 and provide a comprehensive system information and event management (SIEM) service.

The Results

Increased confidence
The organisation is confident that its data is far more secure than it was before. “We now feel that we are doing our utmost as a business to protect our data. Redscan’s MDR service is a cost effective service that gives us complete peace of mind that we are doing all we can to protect our clients, our business, our staff, our counterparties and other partners.”
Reduced risk
As the company’s network is being monitored 24/7, there is far less risk of it being used by hackers as a gateway to the IT infrastructures of other organisations. If a breach does occur, the in-house IT team will be alerted promptly to ensure any nefarious activity is shut down and eliminated.
Affordable service
Redscan’s MDR service is considerably more affordable than other managed IT security services, which the Head of IT Infrastructure believes are often priced for large corporations. “Cost is often a barrier to managed services for businesses like us,” he says. “Services like this for small and medium-sized businesses are few and far between.”
Increased cyber awareness
The firm’s clients are becoming more aware of cyber security risks. “They now know to ask questions and what questions to ask,” says the Head of IT Infrastructure. “Having MDR covers these questions simply and clearly.”
Vital security intelligence
There was one unexpected consequence to the Redscan MDR service. “As an IT team we are now busier, because Redscan highlights issues that we need to address, but that’s certainly not a negative of the service. Redscan is simply telling us what we need to know – and probably wouldn’t know without a service like this.”
Low risk service
Finally, the Head of IT Infrastructure is keen to mention that he considers the Redscan service to be “low in risk”. The Internet connection to Redscan’s Cyber Security Operations Centre sits out-of-band, so in the very unlikely event of Redscan’s network failing, it wouldn’t cause any business disruption for the organisation.