Kroll's Managed Detection and Response Services Elevate a UK Bank's Cyber Risk Mitigation Capabilities

April 11, 2024

https://www.linkedin.com/sharing/share-offsite/url=mailto:?subject=Kroll's%20Managed%20Detection%20and%20Response%20Services%20Elevate%20a%20UK%20Bank's%20Cyber%20Risk%20Mitigation%20Capabilities&body=

The Challenge

Seeking to bolster its operational resilience, a UK bank was on the hunt for a partner to enhance their threat visibility throughout its environment, assuming the responsibility of monitoring key infrastructure and assets around the clock.

Despite not possessing the risk profile of a Tier 1 bank, the bank recognized that it could still be targeted by cybercriminals due to the vast amounts of personal and financial data it processes. This risk was further compounded by the fact that they operated in a hybrid environment that encompasses on-premises legacy infrastructure along with a growing number of workloads in Amazon Web Services’ cloud, including a newly launched online banking portal.

Kroll's Managed Detection and Response Services Elevate a UK Bank's Cyber Risk Mitigation Capabilities

To protect its profits, reputation and ability to carry out business, the bank deemed it essential to strengthen its ability to quickly detect and respond to threats 24/7. In particular, the number of attacks was on the rise, leading to concerns over the potential impact of undetected breaches.

Despite having security information and event management technology in place, the bank was not receiving complete threat visibility. The small in-house security team was struggling to investigate an increasing number of false-positive alarms. As the number of security events continued to grow, the bank found that they would have had to hire a minimum of eight full-time professionals to monitor its entire infrastructure, which was deemed infeasible for a company of its size.

To address these challenges, the bank required a managed security partner that could provide swift threat detection and mitigation services both inside and outside regular business hours, while at the same time meeting the GDPR, Financial Conduct Authority (FCA), and Prudential Regulation Authority (PRA) requirements. Kroll was top of mind.

Kroll's Solution

The process of identifying the most suitable cybersecurity partner and service for their needs was led by the Head of Cybersecurity at the UK bank. The rigorous process concluded that Kroll could offer turnkey security capabilities, offensive security expertise and a proactive approach, which the organization required to reach a higher level of security maturity and respond effectively to the rapidly evolving threat landscape.

Kroll’s differentiator was its MDR service, Kroll Responder. This service provided the bank with the necessary resources including people, technology and intelligence to rapidly identify and respond to prevailing and emerging cyber threats.

Kroll's Managed Detection and Response Services Elevate a UK Bank's Cyber Risk Mitigation Capabilities

The global security operations center (SOC) staff experts at Kroll acted as a virtual extension to the IT team at the bank, analyzing and triaging alerts generated by the service’s underlying technology stack. As a result, the bank received actionable advice and mitigation guidance to respond to cybersecurity incidents as and when they occurred.

Since subscribing to Kroll Responder, the organization has significantly reduced its mean time to detect and respond to threats.

The bank’s Head of Cybersecurity commented.

 

“ An important factor in our choice of security partner was the high level of security expertise within the team at Kroll. We also wanted to partner with a company that was around the same size as us, and on the same trajectory in terms of growth and ambition. We didn’t want to be a small fish in a large ocean of customers."

"I definitely recommend Kroll Responder; it’s an incredible security service. The SOC teams are very knowledgeable, and I value the fact that Kroll aggregates insight about the cyberattacks it sees on other customers and retrospectively applies it to other organizations, so we all benefit from that knowledge. By working in partnership with Kroll, we have significantly improved our operational resilience."

The Impact

Kroll Responder played a significant role in enhancing the operational resilience of the bank, enabling it to achieve a higher level of security maturity—in just a few weeks.

Kroll helped the bank negate the issue of false positives by closely analyzing and investigating security alerts generated by the underlying Kroll Responder technology stack. Consequently, it also helped in equipping the bank’s small in-house security team with more time and resources to focus on incident response and other essential elements of cybersecurity management, without worrying about being dragged down by insignificant alerts.

Kroll's Managed Detection and Response Services Elevate a UK Bank's Cyber Risk Mitigation Capabilities

With Kroll’s SOC teams supplying high-quality incident information, including risk level and kill chain analysis as well as actionable mitigation guidance, the bank could respond quickly and effectively to security attacks. The incident information was communicated via Kroll's Threat Management platform—a secure and reliable service available for managing security incidents.

In addition to the incident information and insights supplied through Kroll’s threat management platform, a monthly service report was delivered. The report was valuable in enhancing situational awareness among key business stakeholders and streamlining the process of providing evidence of compliance with the GDPR, FCA and PRA requirements. With this service, Kroll’s client could keep on top of vulnerabilities and focus on improving security monitoring, ensuring that at-risk systems are continually hardened.

Overall, the exceptional customer service and security expertise offered by Kroll changed the game for their client, giving them the confidence they need to continue to grow securely and safely.

Need help staying ahead of a complex challenge?

Talk to an Expert

Stay Ahead with Kroll

Kroll Responder MDR for Microsoft Security

Kroll Responder managed detection and response for Microsoft delivers enriched telemetry, frontline threat intelligence and Complete Response capabilities to maximize the value of your native endpoint and cloud technology.

Learn More

MDR for Microsoft 365

Immediately elevate your Office 365 security with 24x7 monitoring, analysis, and automated response using Kroll Responder for Office 365. Detect and respond to threats targeting email, Sharepoint, and third-party plugins leveraging frontline threat intelligence.

Learn More