Thu, Apr 11, 2024

Kroll's Managed Detection and Response Services Elevate a UK Bank's Cyber Risk Mitigation Capabilities

Discover how Kroll’s MDR service, Kroll Responder, provided the necessary resources to identify and respond to emerging and prevalent cyber threats.

The Challenge

Seeking to bolster its operational resilience, a UK bank was looking for a partner to enhance threat visibility throughout its environment and assume responsibility for monitoring key infrastructure and assets around the clock.

Despite not possessing the risk profile of a Tier 1 bank, the bank recognized that it could still be targeted by cybercriminals due to the vast amounts of personal and financial data it processes. This risk was further compounded by the fact that it operated in a hybrid environment encompassing on-premises legacy infrastructure along with a growing number of workloads in Amazon Web Services’ cloud, including a newly launched online banking portal.

To protect its profits, reputation and ability to carry out business, the bank deemed it essential to strengthen its ability to quickly detect and respond to threats 24/7. In particular, the number of attacks was on the rise, leading to concerns over the potential impact of undetected breaches.

Despite having security information and event management technology in place, the bank was not receiving complete threat visibility. The small in-house security team was struggling to investigate an increasing number of false-positive alarms. As the number of security events continued to grow, the bank found that it would have had to hire a minimum of eight full-time professionals to monitor its entire infrastructure, which was deemed infeasible for a company of its size.

To address these challenges, the bank required a managed security partner that could provide swift threat detection and mitigation services both inside and outside regular business hours, while at the same time meeting the GDPR, Financial Conduct Authority (FCA), and Prudential Regulation Authority (PRA) requirements. Kroll was top of mind.

Kroll's Solution

The process of identifying the most suitable cybersecurity partner and service for their needs was led by the Head of Cybersecurity at the UK bank. The rigorous process concluded that Kroll could offer turnkey security capabilities, offensive security expertise and a proactive approach, which the organization required to reach a higher level of security maturity and respond effectively to the rapidly evolving threat landscape.

Kroll’s differentiator was its MDR service, Kroll Responder. This service provided the bank with the necessary resources including people, technology and intelligence to rapidly identify and respond to prevailing and emerging cyber threats.

Kroll’s global security operations center (SOC) experts acted as a virtual extension to the IT team at the bank, analyzing and triaging alerts generated by the service’s underlying technology stack. As a result, the bank received actionable advice and mitigation guidance to respond to cybersecurity incidents as and when they occurred.

Since subscribing to Kroll Responder, the organization has significantly reduced its mean time to detect and respond to threats.

The bank’s Head of Cybersecurity commented:

“An important factor in our choice of security partner was the high level of security expertise within the team at Kroll. We also wanted to partner with a company that was around the same size as us, and on the same trajectory in terms of growth and ambition. We didn’t want to be a small fish in a large ocean of customers.”

"I definitely recommend Kroll Responder; it’s an incredible security service. The SOC teams are very knowledgeable, and I value the fact that Kroll aggregates insight about the cyberattacks it sees on other customers and retrospectively applies it to other organizations, so we all benefit from that knowledge. By working in partnership with Kroll, we have significantly improved our operational resilience."

The Impact

Kroll Responder played a significant role in enhancing the operational resilience of the bank, enabling it to achieve a higher level of security maturity—in just a few weeks.

Kroll helped the bank negate the issue of false positives by closely analyzing and investigating security alerts generated by the underlying Kroll Responder technology stack. This in turn gave the bank’s small in-house security team more time and resources to focus on incident response and other essential elements of cybersecurity management, without being dragged down by insignificant alerts.

With Kroll’s SOC teams supplying high-quality incident information, including risk level and kill chain analysis as well as actionable mitigation guidance, the bank could respond quickly and effectively to security attacks. The incident information was communicated via Kroll's Threat Management platform—a secure and reliable service available for managing security incidents.

In addition to the incident information and insights supplied through Kroll’s threat management platform, a monthly service report was delivered. The report was valuable in enhancing situational awareness among key business stakeholders and streamlining the process of providing evidence of compliance with the GDPR, FCA and PRA requirements. With this service, Kroll’s client could keep on top of vulnerabilities and focus on improving security monitoring, ensuring that at-risk systems are continually hardened.

Overall, the exceptional customer service and security expertise offered by Kroll changed the game for their client, giving them the confidence they need to continue to grow securely and safely.
