Get in Touch Close Menu

CASE STUDY: FINTECH ORGANISATION

14 November 2022
fintech cybersecurity

Introduction

To support its continued growth, a Fintech organisation wanted to show prospective clients evidence of its security maturity while protecting its infrastructure and achieving regulatory compliance with the Financial Conduct Authority (FCA).

Working in partnership with Sapphire and their Managed Security Services, the organisation has enhanced its security visibility and maturity while keeping costs and resources to a minimum.

The Challenge

The organisation needed to enhance its cybersecurity programme and keep its clients secure whilst supporting its internal and market growth strategies. The organisation is subject to stringent compliance requirements in the financial services sector.

From customers requiring evidence of the cybersecurity controls the organisation has in place to the need to report its security maturity to the Financial Conduct Authority (FCA), the fintech organisation recognised that it did not have the resources in-house to deal with these demands.

The Cyber Security and Compliance Director, said, “We’re in an industry where our clients need evidence of our ability to secure our services. We’re growing and expanding into new markets and services, and therefore we require more controls, especially around the logging and monitoring security events.”

A white paper was commissioned internally, written by the Cyber Security and Compliance Director, to identify solutions to scale up their cybersecurity capabilities.

The whitepaper presented to the organisation suggested two options:

  • Bringing cybersecurity operations in-house
  • Outsourcing cybersecurity operations externally

“Keeping cybersecurity in-house was suggested; however, the up-keep and continuous recruitment of SOC analysts is expensive. Investing in a large team of cybersecurity professionals and managing that 24x7x365 was not a practical option in the long term.

My recommendation was to outsource our cybersecurity to a managed service provider.”

 

MSSP Selection Process

The Cyber Security Director had previously used Sapphire Professional Services for various specific cybersecurity projects. He now sought their expertise in the growth, management and delivery of security services – his Managed Security Service Provider (MSSP) of choice.

“I was invited to Sapphire’s National Information Security Conference (NISC) a few years ago and was sold on their cybersecurity knowledge. Sapphire has an acute understanding of the type of threats that put organisations in the financial services sector at risk.

Having experienced their quality of service in all my subsequent roles, it made sense to contact Sapphire again. Their approach to cybersecurity is to work with organisations in partnership and to bridge the gap in a customer’s expertise and knowledge.”

 

UK-based Security Operations Centre (SOC)

UK-based Security Operations Centre (SOC)

In their due diligence, the organisation’s clients often ask where their cybersecurity operations are located due to data processing laws and stringent compliance requirements.

This question was an important one. Sapphire, which provides a UK-based MSSP and Security Operation Centre (SOC), has all its data collection, processing and analyst investigations conducted entirely within the United Kingdom.

 

SAPPHIRE’S CYBERSECURITY SOLUTIONS

Sapphire recommended a Managed Security Information and Event Management (SIEM) and Managed Threat Intelligence service to meet the fintech organisation’s growing needs.

The Managed SIEM enables the fintech organisation to benefit from 24x7x365 monitoring and alerting of all security events across their environment. Sapphire’s SOC analysts quickly and efficiently identify, prioritise, and rapidly address all cybersecurity threats across the organisation.

The information gathered from threat intelligence feeds uses premium threat intelligence sources and proprietary and open-source intelligence, allowing analysts to make more informed decisions in proactively protecting the company and reducing risk to their organisation.

“The onboarding and implementation were shorter than our expected timescales. Once we started our relationship with Sapphire, the entire process was easy.

We instantly saw value in using their Managed SIEM service.”

 

Impact of Sapphire’s Managed Security Services

24x7x365 support

The fintech organisation receives 24x7x365 threat monitoring, logging, analysis, notification, and threat hunting via Sapphire’s dedicated UK-based Security Operations Centre (SOC). The organisation is now resilient and better equipped to respond effectively to cyber threats

 

extension of the IT team

Sapphire’s SOC analysts are an extension of the organisation’s IT team. Sapphire’s support has enabled the fintech organisation to maximise efficiency and accuracy while allowing them to focus on what matters most

 

increased monitoring and logging

The Managed SIEM service has increased the level of monitoring and logging. Sapphire collects and processes data from across the organisation, including all devices and systems, providing a centralised view of all security events as they occur.

 

 

Contact Sapphire Today

Sapphire has over 25 years experience
mitigating cyber risk for some of the UK’s
largest organisations.

For our clients, this means access to the best
possible people, processes and technology, all
continually augmented to match a highly fluid
threat landscape.

Whether it is securing physical hardware,
managing cloud risk or developing a security
strategy mapped to your organisation.

For all additional information or enquiries
contact us today.

Name
I agree to the terms & conditions

Related Articles

 Cyber Security Risk Management: A Detailed Guide
20 March 2023

The increased digitisation of our world means the threat of cyberattacks and data breaches continues to grow. No organisation is immune to the risks of cybersecurity threats. In fact, a recent study shows the average time to identify and contain a data breach is 277 days, at an average cost of $4.35 million. That’s why cyber […]

Find Out More
 What Is UEBA? User and Entity Behaviour Analytics Guide

Traditional security measures to deal with cybersecurity threats are no longer enough to protect a company’s sensitive data and assets. Therefore, companies need a solution that can detect and respond to potential threats in real time, and that’s where user and entity behaviour analytics (UEBA) comes in. In this article, we’ll explore UEBA in more […]

Find Out More
 Web Firewall Application: Securing Online Applications

Application layer attacks or DDoS (Denial of Service Attacks)are the leading cause of breaches. However, a web application firewall (WAF) prevents malicious traffic from accessing web applications. While a web application firewall is not meant to defend against all types of attacks, it is a great tool to have in your arsenal. Let’s look at […]

Find Out More