FinTech

To support its continued growth, a Fintech organisation wanted to show prospective clients evidence of its security maturity while protecting its infrastructure and achieving regulatory compliance with the Financial Conduct Authority (FCA).

Working in partnership with Sapphire and their Managed Security Services, the organisation has enhanced its security visibility and maturity while keeping costs and resources to a minimum.

The Challenge

The organisation needed to enhance its cybersecurity programme and keep its clients secure whilst supporting its internal and market growth strategies. The organisation is subject to stringent compliance requirements in the financial services sector.

From customers requiring evidence of the cybersecurity controls the organisation has in place to the need to report its security maturity to the Financial Conduct Authority (FCA), the fintech organisation recognised that it did not have the resources in-house to deal with these demands.

The Cyber Security and Compliance Director said, “We’re in an industry where our clients need evidence of our ability to secure our services. We’re growing and expanding into new markets and services, and therefore, we require more controls, especially around the logging and monitoring security events.”

A white paper was commissioned internally, written by the Cyber Security and Compliance Director, to identify solutions to scale up their cybersecurity capabilities. The whitepaper presented to the organisation suggested two options:

  • Bringing cybersecurity operations in-house
  • Outsourcing cybersecurity operations externally

“Keeping cybersecurity in-house was suggested; however, the up-keep and continuous recruitment of SOC analysts is expensive. Investing in a large team of cybersecurity professionals and managing that 24x7x365 was not a practical option in the long term. My recommendation was to outsource our cybersecurity to a managed service provider.”

MSSP Selection Process

The Cyber Security Director had previously used Sapphire Professional Services for various specific cybersecurity projects. He now sought their expertise in the growth, management and delivery of security services – his Managed Security Service Provider (MSSP) of choice.

“I was invited to Sapphire’s National Information Security Conference (NISC) a few years ago and was sold on their cybersecurity knowledge. Sapphire has an acute understanding of the type of threats that put organisations in the financial services sector at risk. Having experienced their quality of service in all my subsequent roles, it made sense to contact Sapphire again. Their approach to cybersecurity is to work with organisations in partnership and to bridge the gap in a customer’s expertise and knowledge.”

case studies

Introduction

results

Impact of Sapphire’s Managed Security Solutions:

The fintech organisation receives 24x7x365 threat monitoring, logging, analysis, notification, and threat hunting via Sapphire’s dedicated UK-based Security Operations Centre (SOC). The organisation is now resilient and better equipped to respond effectively to cyber threats.

Sapphire’s SOC analysts are an extension of the organisation’s IT team. Sapphire’s support has enabled the fintech organisation to maximise efficiency and accuracy while allowing them to focus on what matters most.

The Managed SIEM service has increased the level of monitoring and logging. Sapphire collects and processes data from across the organisation, including all devices and systems, providing a centralised view of all security events as they occur.

The organisation is now able to provide external auditors with improved cybersecurity reporting, showing comprehensive monitoring and alerting.

UK Based Security Operations Centre (SOC)

In their due diligence, the organisation’s clients often ask where their cybersecurity operations are located due to data processing laws and stringent compliance requirements.

This question was an important one. Sapphire, which provides a UK-based MSSP and Security Operation Centre (SOC), has all its data collection, processing and analyst investigations conducted entirely within the United Kingdom.

Sapphire’s Cyber Security Solutions

Sapphire recommended a Managed Security Information and Event Management (SIEM) and Managed Threat Intelligence service to meet the fintech organisation’s growing needs.

The Managed SIEM enables the fintech organisation to benefit from 24x7x365 monitoring and alerting of all security events across their environment. Sapphire’s SOC analysts quickly and efficiently identify, prioritise, and rapidly address all cybersecurity threats across the organisation.

The information gathered from threat intelligence feeds uses premium threat intelligence sources and proprietary and open-source intelligence, allowing analysts to make more informed decisions in proactively protecting the company and reducing risk to their organisation.

“The onboarding and implementation were shorter than our expected timescales. Once we started our relationship with Sapphire, the entire process was easy. We instantly saw value in using their Managed SIEM service.”