The Challenge
All businesses in the financial services industry need robust IT security, and this organization is no exception. It manages assets for a wide range of clients and is keenly aware of its responsibility to protect all related information.
Critically, the firm also needs to ensure that there are no weaknesses in its own network that might be exploited by hackers as a means of infiltrating the networks of its many financial partners. The Head of IT Infrastructure says: “If hackers were to see us as an easy target, they might try to use us as a back door into the systems of our counterparties, and this would cause immeasurable damage to our reputation.”
The organization had antivirus software and firewalls, which provided an essential first line of defence. However, if hackers or malware were to penetrate these barriers, the company had no means of monitoring its IT infrastructure to detect unauthorized activity on its network. The Head of IT Infrastructure says, “There were times when we noticed PCs acting oddly, even when our antivirus software gave them the all-clear.” The organization therefore decided to implement proactive network monitoring to improve its IT security and reduce the risks to its business.
The organization was comfortable that it complied with the IT security standards set out by the Financial Conduct Authority (FCA) in the UK, and other similar regulatory bodies around the world, but it anticipated that these industry requirements would soon become more stringent.
Kroll's Solution
The small IT team was familiar with intrusion detection systems (IDS). However, as the Head of IT Infrastructure explains, such solutions “generate a huge amount of reporting data, which no one person can monitor.” He estimated that he would need to employ “a dedicated team of at least 2-3 extra people to make an in-house IDS work,” which was cost-prohibitive to the business.
Then, he discovered Kroll Responder, an unrivalled MDR service from Kroll. Kroll Responder merges Kroll’s frontline threat intelligence and incident response experience; proprietary forensic tools; and rich telemetry from endpoints, network, cloud and SaaS providers to deliver enhanced visibility and rapidly shut down cyber threats.
The Impact
Increased Confidence
The organization is confident that its data is far more secure than it was before. Its Head of IT Infrastructure comments, “We now feel that we are doing our utmost as a business to protect our data. Kroll Responder is a cost-effective service that gives us complete peace of mind that we are doing all we can to protect our clients, our business, our staff, our counterparties and other partners.”
Reduced Risk
As the company’s network is being monitored 24/7, there is far less risk of it being used by hackers as a gateway to the IT infrastructures of other organizations. If a breach does occur, the in-house IT team will be alerted promptly to ensure any nefarious activity is shut down and eliminated.
Affordable Service
Kroll Responder is considerably more affordable than other managed IT security services, which the Head of IT Infrastructure believes are often priced for large corporations. “Cost is often a barrier to managed services for businesses like us,” he says. “Services like Kroll Responder for small and medium-sized businesses are few and far between.”
Increased Cyber Awareness
The firm’s clients are becoming more aware of cyber security risks. “They now know to ask questions and what questions to ask,” says the Head of IT Infrastructure. “Having Kroll Responder covers these questions simply and clearly.”
Vital Security Intelligence
There was one unexpected consequence to the Kroll Responder service. “As an IT team we are now busier because Kroll highlights issues that we need to address, but that’s certainly not a negative of the service. Kroll is simply telling us what we need to know—and probably wouldn’t know without a service like this.”
Learn more about Kroll Responder, our Managed Detection and Response Solution