A FTSE 100 retailer needed ongoing support for their incident management process. They had a small security operations team who were struggling to stay on top of incident volumes and deal with the incident complexity being encountered.
The team was comfortable with day to day events, however the leadership team wanted to have an independent provider ‘underwrite’ the teams' response. They needed access to a broad range of experts but without the cost and management overhead.
MDR Cyber used our retained incident response service to provide a single point of contact for all incident queries. The team was able to bring in experts as required and manage their engagement.
Each individual response used our threat intelligence-led approach. Our in-house threat team provided actionable intelligence to shape the response and answer specific queries from the clients' management team.
The team cut out multiple formal reporting stages and used their expertise to divide technical work up in a sophisticated way. This ensures the right experts support the right areas of response.
Our team supported multiple incidents for this client. Using our threat intelligence approach leads to more effective and efficient incident handling – ultimately reducing cost and increasing efficiency.
The approach provided the retailer with the ability to deal with high-profile or complex incidents confidently. Costs were not incurred for run of the mill events, but expertise was available as required. The client was able to receive a broad range of forensics, data protection, legal and technical security advice as needed.