A PERPETUAL EDGE ON CYBER PROTECTION

How CSI is enabling a multi-branch building society to protect its IT assets from external threats with a combination of cyber security managed services.

Our client: is a multi-branch independent building society founded over 100 years ago. The society serves local communities by sharing knowledge, expertise, physical and online resources for mutual benefit. The company offers a range of mortgage and savings products designed to meet the current and future financial needs of its members and customers.

To find out how we can help you get a perpetual edge on protection...

Contact us

CONTEXT

The nature of building societies’ services gives them access to sensitive financial and personal data.

As a result, cyber criminals are increasingly targeting this sector for information that could be used to their advantage.

GOAL

The society understands that cyber attacks often start with user devices (often via unintentional browsing of unsafe websites) and then moving to more critical enterprise servers.

Our client needed a solution to protect corporate and personal data assets from these cyber threats.

CHALLENGE

Operating in a very competitive market, the society has grown to over 80,000 members. Our client recognises the continued threat of cyber-attacks and the potential impact on the services.

The society’s employees use corporate and personal endpoints from office locations and remotely. In addition, staff productivity and responsiveness are improved through access to the internet and many websites. This convenience is also a security risk.

The society’s internal IT and governance functions lacked the necessary skills and capacity, so a managed service approach was chosen to provide cyber security protection.

ATTACKS CONTINUE TO UTILISE MALICIOUS PROCESSES AND ENDPOINT ENABLED THREATS. HOWEVER, COST, COMPLEXITY AND NOT KNOWING WHAT DATA TO COLLECT FROM AN ENDPOINT HINDER ORGANISATIONS TRYING TO MOVE FROM TRADITIONAL NETWORK CONTROLS TO ENDPOINT CONTROLS. SECURITY MUST FOCUS ON MAXIMUM VISIBILITY FOR DETECTION AND PREVENTION.

SANS Survey on Next-Generation Endpoint Risks and Protections

SOLUTION

CSI already works with the society to provide cloud infrastructure, secure network connectivity and application support. This provided valuable insight to the client’s operations, locations and user environment.

In response to the society’s specific requirements, CSI tailored two complementary managed services:

Managed Endpoint Protection

  • AI-based defence against malware
  • Identification and removal of potentially unwanted programmes
  • Pre-execution prevention

Managed Web Filtering

  • Integrated web filtering and reporting
  • Synchronisation with Active Directory
  • SSL decryption at category level
  • Web access control policy

OUTCOMES

The society deployed CSI’s managed cyber security services to protect office-based and remote users to deliver maximum protection against malware and network-based threats.

CSI worked with the society during a post-implementation monitoring and tuning phase to identify false positives and fully implement access policies.

Risk mitigation is supported by a one-hour target time to respond to threats identified in the society’s estate.

Monthly reporting includes endpoint health assessment, asset updates, web activity based on risk, and shadow IT usage as well as information on any threats discovered during the reporting period.

56%

56% of respondents stated that a lack of skilled staff was a barrier to achieving cyber security success.

1/2

In 2019, more than half of compromised endpoints were attacked by web browser-based downloads.

1 in 3

Only one in three respondents indicated that they were successful in proactively detecting even 10% of threats.