Cookie Notice

We use cookies to analyse site traffic and optimise your browsing experience. Accepting necessary cookies is required to provide you with a minimum level of service. Read Cookie Statement

Get In Touch
Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Book a CREST penetration test today. Get a quote.

Overview

Safeguarding critical client assets worth billions

Concerned about the growing cyber threat and potential impact that a large-scale breach could have on its business, Intermediate Capital Group (ICG), a specialist asset manager investing in private debit, credit and equity subscribed to Redscan’s ThreatDetect™ MDR Service.

ICG now has far greater confidence in its information security and, if the worst should happen, can respond quickly and effectively to minimise its business risk.

Redscan case study
Industry
Finance
HQ
UK

The Challenge

Summary

  • An ever-changing threat landscape
  • Overwhelmed by security alerts
  • Need for 24/7 monitoring
  • In-house SOC not viable

ICG already had several state-of-the-art security systems and hardware solutions focused on the perimeter of its network. It also conducted annual penetration tests and employed an external consultancy to perform quarterly information security reviews. However, IT Director Lee Lambard knew that all this still wasn’t enough: ICG had to improve its vigilance.

“New threats appear multiple times a day, so it’s an ever-changing landscape,” he explains. “We needed to be able to watch our systems and assess the risks all the time, so that we could detect malicious activity and act quickly to protect the business.”

At the time, ICG was receiving lots of alerts from its antivirus and perimeter security products, but it wasn’t always easy for the IT team to determine what was important and what wasn’t. “It’s not just about having products that can issue security alerts; you have to be able to filter and understand the information that is being fed to you by these systems,” says Lambard.

“We were hearing a lot of ‘noise’ but couldn’t separate the wheat from the chaff. We realised that we needed a team of cyber-security experts who could monitor our systems 24/7 and act appropriately to the alerts, but setting up this kind of specialist operation in-house was an expensive proposition. It wasn’t really an option for a business of our size.”

The Solution

Summary

  • Identifying and eliminating threats
  • Round-the-clock monitoring
  • Cyber security consultancy

After being introduced to Redscan by one of its partners, ICG subscribed to ThreatDetect, for award-winning Managed Detection and Response.

Functioning as an extension of in-house resources, ThreatDetect includes the skilled security personnel, cutting-edge technology and global intelligence needed to identify and eliminate threats. Experienced Cyber Security Operations Centre analysts from Redscan now monitor ICG’s network around-the-clock, helping the business to protect its on-premise and cloud-hosted infrastructure as well as sensitive client data.

To support ICG’s needs further, Redscan also provides cyber security consultancy on a range of matters, such as implementation of new policies and procedures. “We have received great information and advice from Redscan on product selections and investments,” says Lambard. “This has given us added confidence in our security and increased our speed of implementation.”

The Benefits

Increased vigilance
Thanks to Redscan’s ThreatDetect service, ICG is now able to achieve much greater threat visibility. It has the assurance that its network and systems are being constantly monitored for security threats that might impact the business. “If attacks occur, we will know about them much sooner, so will be able to respond more quickly to minimise the risk,” says Lambard.
Board assurance
ICG also has access to a large team of security experts, with all of the latest skills, technologies and knowledge. The business isn’t just reliant on one internal employee who might only be available during working hours or might not have the latest training. “I can offer a higher level of assurance at board level about our information security now,” Lambard says. “Redscan gives us a broader lens on a complex and changing environment.”
Affordable service
ICG recognises that it is significantly cheaper and more convenient to leverage Redscan’s subscription-based ThreatDetect service than try to build a similar facility in-house. It estimates that, if it were to create an internal security operations team to monitor alerts and threats, it would need to employ at least two new members of staff, and more if it wanted to get the 24/7 support provided by Redscan. Plus, as Lambard says, “people with expert security skills demand the highest salaries making them expensive to attract.”
Increased internal confidence
From the outset, ICG had confidence in its relationship with Redscan. Lambard says, “We have empowered Redscan to lock down our systems and remediate if we come under attack and this reflects the level of trust that we have in Redscan.”
Increased customer confidence
ICG’s subscription to ThreatDetect plays an important role in helping the company to reassure its customers about information security. “Our existing and new clients habitually ask us to demonstrate that we have a genuine capability in this area,” Lambard explains. “ThreatDetect enables us to have much more confident, comfortable conversations about information security as part of our clients’ due diligence processes.”
Compliance reporting
As a global business, ICG must adhere to the information security guidelines of multiple regulators, including the UK's Financial Conduct Authority. Redscan is able to offer it up-to-date information about all of these different regulations and deliver transparent reporting to help it ensure compliance. This trusted advice is one of many factors that leads Lambard to say, “Our partnership with Redscan has been one of the most successful that we have ever undertaken.”
Increased awareness
ICG appreciates the reports generated by Redscan’s ThreatDetect service and integrates this data into its internal IT performance dashboard. The reporting information supplied by Redscan helps the business' IT department to demonstrate improvements to the business' cyber security posture and educate employees about evolving threats.
Instant alerts
Recently, there have been a couple of incidents when employees have accessed untrustworthy sites from their office PCs and entered their personal credit card details. Lambard recalls: “Redscan alerted us within minutes, so we could inform the employees and advise them to cancel their credit cards immediately. There is a personal as well as a corporate value from ThreatDetect.”
Expert service
Finally, ICG has had a very positive experience of working with Redscan and greatly values the service that it receives. “Redscan’s differentiator is its staff,” Lambard says. “Its employees are clearly experts in their field and have a high level of expertise, but are also straightforward and great people to work with.”