Thu, Mar 28, 2024

Enhancing Security Visibility for a Leading Asset Management Firm

Through an outcome-driven approach, Kroll offered the expertise and network and endpoint detection technologies its client needed to manage threats.

The Challenge

An asset management company based in the UK sought to enhance security visibility across its hybrid infrastructure and allow its in-house IT team to shift focus from detection to remediation of threats. The company was acutely aware of the potential harm a data breach could inflict on its reputation and client relationships and wanted to minimize these risks while adhering to regulatory requirements, including those set forth by the Financial Conduct Authority.

Despite a long-standing commitment to cybersecurity, the company faced a challenge due to the absence of a dedicated security team. Consequently, it struggled to obtain a full picture of security events across its environments. The goal was to enhance its security capabilities to detect and respond to threats, a task unattainable with only its in-house resources.

Prior attempts with numerous security information and event management (SIEM) and endpoint detection and response (EDR) platforms proved unsuccessful. These tools failed to provide a cohesive or centralized view, as the alerts were scattered across disparate systems. The tools generated predominantly false positives and retained limited logs of activity, making it challenging for the in-house team to investigate historical incidents, analyze trends or conduct threat hunting.

Kroll's Solution

Dissatisfied with multiple SIEM and EDR tools, the company recognized the need for specialized support from a Managed Detection and Response (MDR) provider. A proof of concept was conducted to ensure that Kroll Responder was the ideal solution for its security needs and would deliver the desired results.

Kroll Responder offered the necessary network and endpoint technologies along with their invaluable expertise and a result-oriented methodology. Kroll’s global security operations center (SOC) teams tirelessly investigate and assess alerts around the clock, 365 days a year, offering actionable remediation advice for the in-house team to swiftly and effectively respond to incidents.

By seamlessly integrating Kroll’s threat management platform into Kroll Responder, the company successfully achieved a centralized and heightened level of visibility. All threat notifications now arrive within a singular, streamlined platform, eliminating the need to navigate across multiple technologies. Through the delivery of precise incident notifications, Kroll Responder significantly optimized the operational efficiency of the in-house team, ensuring focused investigation solely into alerts validated as genuine threats.

"Our partnership with Kroll frees up our time and gives us the reassurance that our infrastructure and assets are being proactively monitored. We’re very pleased with the service we receive. Across the whole service, whether it’s the global security operations center (SOC) team or the program management team, Kroll looks after us very well," the company’s IT Director said.

The Impact

Unified Visibility

Through the adoption of Kroll Responder, the company achieved a comprehensive and centralized view across its environments. This streamlined approach allowed the company's IT team to prioritize their focus, knowing that Kroll Responder verifies the authenticity of security alerts. Kroll's threat management platform further enables the company to comprehensively monitor its environments, manage security incidents and attain its desired security outcomes—all through a unified solution.

Enhanced Security Capability

Before partnering with Kroll, the company's small IT team lacked the capacity to respond to and assess the multitude of security alerts generated by the various detection technologies being tested. The support provided by Kroll's global SOC teams offers assurance that critical security events won't go unnoticed, ensuring swift and effective responses 24/7/365.

Greater Return from Security Tools

The company had previously invested in multiple security technologies but found that they were not delivering the desired value. Collaborating with Kroll has enabled them to maximize the effectiveness of these tools, ultimately achieving a better return on investment.

Historical Overview

Unlike the previous threat detection tool, which had limited historical data retention, Kroll stores and analyzes security logs and data for up to 12 months. This extended historical insight enhances threat detection and enables the observation of trends over a longer time frame.

Secure Cloud Migration

Kroll played a pivotal role in supporting their client’s transition from private to public cloud, ensuring service continuity and effective monitoring of both on-premises infrastructure and cloud-based services, including the monitoring of Microsoft 365.

The Latest Threat Intelligence

The company values Kroll's weekly Threat Intelligence updates, which provide the team with a clearer overview of the security landscape and the vulnerabilities that require prioritization.

Ultimately, by choosing Kroll Responder, Kroll’s award-winning managed detection and response (MDR) service, the business now benefits from an extended monitoring capability and additional expertise to identify and respond to security incidents faster and more effectively, 24/7/365.
