Overcoming security and budgetary challenges with a managed service
With prestigious corporate investors and banking partners, TT International, an independent global asset manager, has to provide exceptional data and network security. It reduced the risks to its business and aligned with the requirements of financial regulators by subscribing to ThreatDetect™, Redscan's award-winning Managed Detection and Response service.
All businesses in the financial services industry need robust IT security, and TT International is no exception. The organisation manages assets for a wide range of clients and is keenly aware of its responsibility to protect all related information.
Critically, TT International also needs to ensure that there are no weaknesses in its own network that might be exploited by hackers as a means of infiltrating the networks of its many financial partners. Ben Lloyd, Head of IT Infrastructure at TT International, says: “If hackers were to see us as an easy target, they might try to use us as a back door into the systems of our counterparties, and this would cause immeasurable damage to our reputation.”
TT International had antivirus software and firewalls, which provided an essential first line of defence. However, if hackers or malware were to penetrate these barriers, it had no means of monitoring its IT infrastructure to detect unauthorised activity on its network. Lloyd says, “There were times when we noticed PCs acting oddly, even when our antivirus software gave them the all-clear.” The organisation therefore decided to implement proactive network monitoring to improve its IT security and reduce the risks to its business.
The organisation was comfortable that it complied with the IT security standards set out by the Financial Conduct Authority (FCA) in the UK, and other similar regulatory bodies around the world, but it anticipated that these industry requirements would soon become more stringent.
The small IT team at TT International was familiar with Intrusion Detection Systems (IDS), however, as Lloyd explains, such solutions “generate a huge amount of reporting data, which no one person can monitor.” Lloyd estimated that he would need to employ “a dedicated team of at least 2-3 extra people to make an in-house IDS work,” which was cost prohibitive to the business.
Then, Lloyd discovered ThreatDetect, a subscription-based Managed Detection and Response service from Redscan. Qualified security experts from Redscan monitor IDS alerts 24/7 and provide a comprehensive system information and event management (SIEM) service.
TT International is confident that its data is far more secure than it was before. “We now feel that we are doing our utmost as a business to protect our data,” says Lloyd. “Redscan’s ThreatDetect is a cost effective service that gives us complete peace of mind that we are doing all we can to protect our clients, our business, our staff, our counterparties and other partners.”
As TT International’s network is being monitored 24/7, there is far less risk of it being used by hackers as a gateway to the IT infrastructures of other organisations. If a breach does occur, TT International will be alerted promptly to ensure any nefarious activity is shut down and eliminated.
Redscan’s ThreatDetect service is considerably more affordable than other managed IT security services, which Lloyd believes are often priced for large corporations. “Cost is often a barrier to managed services for businesses like us,” he says. “Services like ThreatDetect for small and medium-sized businesses are few and far between.”
Increased cyber awareness
TT International’s clients are becoming more aware of cyber security risks. “They now know to ask questions and what questions to ask,” says Lloyd. “Having ThreatDetect covers these questions simply and clearly.”
Vital security intelligence
There was one unexpected consequence to the Redscan ThreatDetect service. Lloyd says, “As an IT team we are now busier, because Redscan highlights issues that we need to address, but that’s certainly not a negative of the service. Redscan is simply telling us what we need to know – and probably wouldn’t know without a service like this.”
Low risk service
Finally, Lloyd is keen to mention that he considers the Redscan service to be “low in risk”. The Internet connection to Redscan’s Cyber Security Operations Centre sits out-of-band, so in the very unlikely event of Redscan’s network failing, it wouldn’t cause any business disruption for TT International.
What our customers say
"Should I need any security testing again in the future, Redscan would be my first port of call!"
Project Analyst/Developer, STM Life
"Redscan’s hands on approach identified security flaws that had previously been overlooked by other vendors"
Technical Operations Manager, Sporting Index
"Redscan's cost effective service gives us peace of mind that we are doing all we can to protect our clients, our business, our staff, our counterparties and other partners"
Head of IT Infrastructure, TT International
"Our partnership with Redscan has been one of the most successful that we have ever undertaken"
IT Director, ICG
"We have been very impressed by the quality of Redscan’s engagement, communication and reporting. We will not hesitate to use them for any future testing requirements."
Relying on traditional preventive security solutions to safeguard against evolving cyber security threats can leave your business exposed to well-resourced and persistent adversaries. Addressing the growing challenges …