Strengthened Security Posture for Global Asset Management Firm

With prestigious corporate investors and banking partners, this independent global asset manager has a responsibility to provide exceptional data and network security.

It reduced the risks to its business and aligned with the requirements of financial regulators by subscribing to Kroll Responder, Kroll’s award-winning managed detection and response (MDR) service.

Overview

 

Industry
  • Finance
 
Challenges
  • Requirement to protect high-value assets
  • No visibility beyond the perimeter
  • Growing regulatory pressures

 

 

Kroll Services
  • Kroll Responder MDR
 
Impact
  • Reduced load on in-house team
  • Enhanced visibility
  • Comprehensive security insight

The Challenge

All businesses in the financial services industry need robust IT security, and this organization is no exception. It manages assets for a wide range of clients and is keenly aware of its responsibility to protect all related information.

Critically, the firm also needs to ensure that there are no weaknesses in its own network that might be exploited by hackers as a means of infiltrating the networks of its many financial partners. The Head of IT Infrastructure says: “If hackers were to see us as an easy target, they might try to use us as a back door into the systems of our counterparties, and this would cause immeasurable damage to our reputation.”

The organization had antivirus software and firewalls, which provided an essential first line of defence. However, if hackers or malware were to penetrate these barriers, the company had no means of monitoring its IT infrastructure to detect unauthorized activity on its network. The Head of IT Infrastructure says, “There were times when we noticed PCs acting oddly, even when our antivirus software gave them the all-clear.” The organization therefore decided to implement proactive network monitoring to improve its IT security and reduce the risks to its business.

The organization was comfortable that it complied with the IT security standards set out by the Financial Conduct Authority (FCA) in the UK, and other similar regulatory bodies around the world, but it anticipated that these industry requirements would soon become more stringent.

Kroll's Solution

The small IT team was familiar with intrusion detection systems (IDS). However, as the Head of IT Infrastructure explains, such solutions “generate a huge amount of reporting data, which no one person can monitor.” He estimated that he would need to employ “a dedicated team of at least 2-3 extra people to make an in-house IDS work,” which was cost-prohibitive to the business.

Then, he discovered Kroll Responder, an unrivalled MDR service from Kroll. Kroll Responder merges Kroll’s frontline threat intelligence and incident response experience; proprietary forensic tools; and rich telemetry from endpoints, network, cloud and SaaS providers to deliver enhanced visibility and rapidly shut down cyber threats.

The Impact

Increased Confidence

The organization is confident that its data is far more secure than it was before. Its Head of IT Infrastructure comments, “We  now feel that we are doing our utmost as a business to protect our data. Kroll Responder is a cost-effective service that gives us complete peace of mind that we are doing all we can to protect our clients, our business, our staff, our counterparties and other partners.”

Reduced Risk

As the company’s network is being monitored 24/7, there is far less risk of it being used by hackers as a gateway to the IT infrastructures of other organizations. If a breach does occur, the in-house IT team will be alerted promptly to ensure any nefarious activity is shut down and eliminated.

Affordable Service

Kroll Responder is considerably more affordable than other managed IT security services, which the Head of IT Infrastructure believes are often priced for large corporations. “Cost is often a barrier to managed services for businesses like us,” he says. “Services like Kroll Responder for small and medium-sized businesses are few and far between.”

Increased Cyber Awareness

The firm’s clients are becoming more aware of cyber security risks. “They now know to ask questions and what questions to ask,” says the Head of IT Infrastructure. “Having Kroll Responder covers these questions simply and clearly.”

Vital Security Intelligence

There was one unexpected consequence to the Kroll Responder service. “As an IT team we are now busier because Kroll highlights issues that we need to address, but that’s certainly not a negative of the service. Kroll is simply telling us what we need to know—and probably wouldn’t know without a service like this.”

Learn more about Kroll Responder, our Managed Detection and Response Solution


Kroll Responder MDR

Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.

24x7 Incident Response

Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.

Cyber Risk Retainer

Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.


Ransomware Preparedness Assessment

Kroll’s ransomware preparedness assessment helps your organization avoid ransomware attacks by examining 14 crucial security areas and attack vectors.

Strategic Communications Services

Deftly navigate a host of risk and reputational landmines caused by a cyber crisis with a full suite of strategic communications support for incident response, preparedness and training.