In late 2019, the client engaged Cythera to discuss their cyber security visibility and detection challenges. They were concerned with their cyber risk and committed to prioritising it going forward. While they recognised their need for enhanced security visibility, they did not have the internal capabilities to manage this, as well as detect and respond to threats efficiently.

They aspired to build a more robust security capability but did not have the resources to do this in-house.

To add to the pressure, the start of this project coincided with the early stages of the COVID-19 pandemic. That meant the internal IT team was busy making it possible for over 1,000 employees to shift to working remotely full-time.

The client was asking for a security information and event management solution incorporating periodic vulnerability scanning. They also wanted web filtering to monitor remote employees and protect their network that now contained off-site endpoints.

They had identified deficiencies both within their own team and among their vendors, particularly in responding proactively to threats.

Cythera proposed a cost-effective security improvement strategy. The solution contained an always-on combination of Managed Detection and Response (MDR), a Penetration Testing program and Vulnerability Management services underpinned by Rapid7 technology.

Custom features included:

·    Threat triage;

·    Guided response;

·    Proactive recommendations;

·    Secure gateways;

·    NIST security assessments; and

·    Penetration testing.

During the consultation phase, it became clear that some of the requested services were not in the client’s best interest. Cythera recommended alternatives where necessary, one example being continuous vulnerability scanning, rather than incidental.

Cythera’s Rapid7 solution incorporates InsightIDR,InsightVM and InsightConnect Pro. All were quickly deployed without heavy reliance on the law firm’s internal IT team, leaving them free to aid the organisation’s transition to remote working.

Cythera managed the onboarding process and timely transition to the managed service. With Senior Analysts sitting on the client’s team, they were able to act and respond effectively on behalf of the client. This approach ensured the solution was perfectly aligned with the client’s needs.

In just 4 weeks, the client was fully equipped with a 24x7 managed cyber security monitoring, detection and response service. Features included attacker behaviour-based analytics, vulnerability management and proactive incident response, to name a few.

Cythera deployed the managed security service with minimal interruption and has since implemented further managed security control across the client environment. These additions include Managed Endpoint Detection and Response utilising technology from CrowdStrike and a Managed Secure Gateway and Data Loss Prevention solution, underpinned by Netskope.

The new solution identified a previously undetected breach within 8 days. The Cythera Incident Response team was then able to isolate the asset and prevent a potential catastrophe for the prominent brand.

Within weeks, the client welcomed:

·    Network visibility;

·    Incident detection and response;

·    Data loss prevention;

·    Compliance assurance;

·    Brand reputation protection;

·    Financial risk mitigation;

·    In-house infrastructure expertise;

·    Insight into employee activity; and

·    Security strategy cost savings.

Most valued by the organisation, though, was the peace of mind Cythera gave them.

The customer’s General Manager of Digital and Technology  noted that, on top of seamless technological solutions, Cythera’s strategic implementation of processes and protocol provided certainty that no ‘ticking time bombs’ were lurking in the depths of their infrastructure.

In the time since Cythera has worked with this client, they have remained incident free. For such a high-profile organisation, that is a remarkable feat.