Optimized Security Operations and Cyber Governance for Asset Management Firm

Concerned about the growing cyber threat and potential impact that a large-scale breach could have on its business, a specialist asset manager investing in private debit, credit and equity subscribed to the Kroll Responder managed detection and response (MDR) service.

The company now has far greater confidence in its information security and, if the worst should happen, can respond quickly and effectively to minimise its business risk.



  • Finance
  • Overwhelmed by security alerts
  • A requirement for 24/7 monitoring
  • In-house global security operations centre (SOC) not viable



Kroll Services
  • Kroll Responder MDR
  • Cyber security consultancy
  • Greater threat visibility
  • Increased customer confidence
  • Enhanced compliance reporting

The Challenge

The organization already had several state-of-the-art security systems and hardware solutions focused on the perimeter of its network. It also conducted annual penetration tests and employed an external consultancy to perform quarterly information security reviews. However, the IT Director knew that all this still wasn’t enough; the firm had to improve its vigilance.

“New threats appear multiple times a day, so it’s an ever-changing landscape,” he explains. “We needed to be able to watch our systems and assess the risks all the time, so that we could detect malicious activity and act quickly to protect the business.”

At the time, the company was receiving many alerts from its antivirus and perimeter security products, but it wasn’t always easy for the IT team to determine what was important and what wasn’t. As the company’s IT Director explains:


“It’s not just about having products that can issue security alerts; you have to be able to filter and understand the information that is being fed to you by these systems,” 


“We were hearing a lot of ‘noise’ but couldn’t separate the wheat from the chaff. We realized that we needed a team of cyber-security experts who could monitor our systems 24/7 and act appropriately to the alerts, but setting up this kind of specialist operation in-house was an expensive proposition. It wasn’t really an option for a business of our size.”


Kroll's Solution

After being introduced to Kroll by one of its partners, the specialist asset manager subscribed to Kroll Responder for award-winning MDR.

Functioning as an extension of in-house resources, Kroll Responder includes the skilled security personnel, cutting-edge technology and global intelligence needed to identify and eliminate threats. Experienced global SOC analysts from Kroll now monitor the network around the clock, helping the business protect its on-premises and cloud-hosted infrastructure as well as sensitive client data.

To support the organization's needs further, Kroll also provides cyber security consultancy on a range of matters, such as implementation of new policies and procedures. “We have received great information and advice from Kroll on product selections and investments,” says the IT Director. “This has given us added confidence in our security and increased our speed of implementation.”

The Impact


Increased Vigilance

Thanks to the Kroll Responder service, the firm is now able to achieve much greater threat visibility. It has the assurance that its network and systems are being constantly monitored for security threats that might impact the business. “If attacks occur, we will know about them much sooner, so will be able to respond more quickly to minimise the risk.”


Board Assurance

The organization also has access to a large team of security experts, with all the latest skills, technologies and knowledge. The business isn’t reliant on just one internal employee who might only be available during working hours or might not have the latest training. Its IT Director comments, “I can offer a higher level of assurance at board level about our information security now. Kroll gives us a broader lens on a complex and changing environment.”


Affordable Service

The company recognizes that it is significantly cheaper and more convenient to leverage Kroll’s subscription-based Kroll Responder service than try to build a similar facility in-house. It estimates that, if it were to create an internal security operations team to monitor alerts and threats, it would need to employ at least two new staff members, and more if it wanted to get the 24/7 support provided by Kroll. Plus, as the IT Director says, “People with expert security skills demand the highest salaries, making them expensive to attract.”


Increased Internal Confidence

From the outset, the firm had confidence in its relationship with Kroll. The IT Director says, “We have empowered Kroll to lock down our systems and remediate if we come under attack and this reflects the level of trust that we have in Kroll.”


Increased Customer Confidence

The company’s subscription to Kroll Responder plays an important role in helping it to reassure its customers about information security. Its IT Director says, “Our existing and new clients habitually ask us to demonstrate that we have a genuine capability in this area. Kroll Responder enables us to have much more confident, comfortable conversations about information security as part of our clients’ due diligence processes.”


Compliance Reporting

As a global business, the company must adhere to the information security guidelines of multiple regulators, including the UK’s Financial Conduct Authority. Kroll is able to offer it up-to-date information about all of these different regulations and deliver transparent reporting to help it ensure compliance. This trusted advice is one of many factors that leads the IT Director to say, “Our partnership with Kroll has been one of the most successful that we have ever undertaken.”


Increased Awareness

The company appreciates the reports generated by Kroll Responder and integrates this data into its internal IT performance dashboard. The reporting information supplied by Kroll helps the company’s IT department demonstrate improvements to the business’ cyber security posture and educate employees about evolving threats.


Instant Alerts

Since working with Kroll, the company has experienced a few incidents in which employees accessed untrustworthy sites from their office PCs and entered their personal credit card details. The IT Director recalls: “Kroll alerted us within minutes, so we could inform the employees and advise them to cancel their credit cards immediately. There is a personal as well as a corporate value from Kroll Responder.”


Expert Service

Finally, the organization has had a positive experience of working with Kroll and greatly values the service that it receives. “Kroll’s differentiator is its staff. Its employees are clearly experts in their field and have a high level of expertise, but are also straightforward and great people to work with.”

Learn more about Kroll Responder, our Managed Detection and Response Solution

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

Kroll Responder MDR

Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.

Malware Analysis and Reverse Engineering

Kroll’s Malware Analysis and Reverse Engineering team draws from decades of private and public-sector experience, across all industries, to deliver actionable findings through in-depth technical analysis of benign and malicious code.

Malware and Advanced Persistent Threat Detection

Our expertise allows us to identify and analyze the scope and intent of advanced persistent threats to launch a targeted and effective response.

24x7 Incident Response

Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.

Computer Forensics

Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.