Award winning managed SOC services for a Luxury Goods Retailer

Editorial Type: Case Study Date: 10-2018 Views: 911 Tags: Security
CLIENT BACKGROUND
A FTSE 100 luxury goods retailer, headquartered in London, with a global footprint

CHALLENGE
Protecting the retailer’s prestigious, high profile brand is continually at the forefront of the Board and Shareholder’s concerns. Its IT Security Operations Director contacted ECS Security to discuss improving the organisation’s ability to detect and respond to constantly evolving cyber threats.

Historically, a global Managed Security Services Provider (MSSP) monitored the retailer’s environment for potential security breaches. However, following a review, they recognised the limitations of the existing MSSP’s ‘off-the-shelf’ services, which could not be customised to meet the business’ requirements. They required a more agile MSSP that could provide a tailored service to satisfy the demands of their business and provide necessary assurances to their Board and Shareholders.

SOLUTION
To meet the client’s bespoke service requirements, ECS Security delivered a hybrid solution, leveraging both shared and dedicated service components. The ECS Security-managed, 24x7 Security Operations Centre (SOC), built on a Splunk platform, works in partnership with a committed on-site presence.

Our dedicated on-boarding team worked with the client to deliver a truly integrated services partnership and a solution that answered their requirements. ECS Security’s SOC teams initially conducted investigation workshops and then used structured collaboration methods to design a service that met the client’s needs. During this consultative process, ECS Security identified additional crucial client requirements and was able to expand the scope to include data analytics, SIEM support and maintenance, and threat hunting activities.

The provision of the Threat Monitoring Service and these additional services continue to drive the security posture of the client forward. New and improved Use Cases are delivered in line with the client’s priorities and built on the ECS Security team’s contextual awareness of the business.

MANAGED SECURITY SERVICES
ECS Security is an innovative MSSP that goes beyond just ticking the necessary compliance boxes. The team delivers bespoke, high-value services to meet client-specific challenges. As a business formed and managed by ex-security leaders, ECS Security’s trusted and transparent approach and enthusiasm for cybersecurity has driven us to become the UK’s leading independent Cyber Security Services company, recognised within the industry and commended and awarded by some of the leading industry publications, vendors and analysts.

The ECS Security SOC, based in the UK, delivers ECS Security’s Managed Services with a shared, highly experienced team. Key to the service is maintaining high contextual awareness of the customer, its business and the wider threat landscape. ECS cap the number of customers per SOC team, ensuring that the team has visibility and learning across a number of customers and maintains a deeper level of knowledge of specific clients.

The Director responsible for MSSP at the client is an experienced industry veteran and commented that the service is “the best they have ever seen, as ECS Security’s agility and the high context the team maintains sets it apart from the rest of the market”.

ECS Security’s experience working with some of the world’s most prestigious companies and focus on SOC mean the teams have the knowledge and expertise to ensure security monitoring that is right for the client.

BENEFITS
Some of the key benefits include:

• Greater visibility of the client’s environment and potential threats – 24x7 proactive threating hunting, investigation and resolution.
• Improved Service Partnership with a SOC team that understands the client’s whole business.
• Increased Service Transparency – ECS provides the client with full visibility of the investigation tools, as well as all actions and investigations.
• Continual Service Improvement based on new monitoring and use cases as a standard – no complex change records or time-consuming discussions.