How a UK Housing Association ensured 24/7 business resilience with a proactive cyber security programme
Housing Association
Case Study
The Requirement
A survey conducted by RSM found that a quarter of housing associations had suffered a cyberattack in 2020. As an organisation that focuses on trust as a key value, the Housing Association wanted to ensure that its security was top of the agenda, to protect customer data and business continuity, and to be sure that it wouldn’t be the next housing association to suffer an attack.
The housing association had a range of cloud infrastructure and systems in place across 60 office sites to enable effective management of the business. The association also needed to adhere to regulatory compliance as a private entity working closely with various government organisations. However, it hadn’t implemented any formal cyber security programmes to proactively monitor for attacks on the business.
The housing association consulted with 3 managed security services providers to gather recommendations on what a roadmap to a full cyber security programme could look like for the organisation.
For more information, read the full case study.
“The DigitalXRAID team provided expertise and guidance throughout every step of the project. They stood out against other providers, having spent time understanding our business and requirements.
The DigitalXRAID SOC team are truly an extension of our IT team, fully engaged, with a complete understanding of our estate, and freeing up our own internal resources to work on further projects. With 24/7 support from DigitalXRAID analysts, we can rest assured that the business is fully protected from cyber threats”
The Solution
The association’s Technology Director wanted to understand more about what the current security posture looked like and if there were any gaps that needed to be addressed, particularly around cloud environments and other third-party IT and infrastructure teams.
DigitalXRAID recommended that the housing association aligned to the ISO 27001 framework, which would provide a comprehensive gap analysis on its current security posture, as a first step in the roadmap. While the ISO 27001 standard meant that the housing association was able to monitor and maintain its ISMS to keep data safe, and continually educate its workforce on cyber risks, this still couldn’t prevent cyberattacks on the organisation.
As part of the overall business case presented to the board, the housing association wanted to implement DigitalXRAID’s fully managed Security Operations Centre (SOC) service, which would see DigitalXRAID become an extension of the housing association’s IT team, monitoring the entire estate for threats and vulnerabilities 24/7/365.
With board investment secured for the housing association’s Security Operations Centre design and scope, DigitalXRAID began implementation work to collect data from the association’s environments and integrate them into the SOC. DigitalXRAID’s team conducted research into emerging threats in the industry in order to fully understand what to look for using ‘always on’ threat intelligence tooling. The housing association was fully onboarded, with alerts, tuning and baselining, and escalation thoroughly tested for clear incident management via its SOC portal.
The Results
The housing association now has an official ISMS in place with technical controls to manage processes and keep customer and employee data safe. It also has 24/7 proactive monitoring of systems and cyber threats for complete protection from attacks.
The housing association’s Security Operations Centre can scale in line with business growth through acquisition for a future proofed solution.
Following ISO guidelines and in line with the SOC, the housing association is looking to implement continuous penetration testing as the next step in its cyber maturity roadmap, in order to adhere to certification requirements and ensure that it addresses any risks or vulnerabilities, so its IT estate remains secure.
To see how DigitalXRAID could help you protect your systems, applications and data, get in touch with our team of experts today.
Cyber Security Experts
Accredited and regulated, we're in the top 1% of cyber security agencies globally
We’re trusted by the UK Government as Crown Commercial Service providers as well as being accredited by two of the leading cyber security governing bodies. Our ISO9001 certification means you can rest assured our processes and approach are market leading.
Protect Your Business & Your Reputation.
With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.
