Case Studies

Ransomware Defense at Waverly Borough Council

Located in the south of England, this Borough Council supports of 123,000 citizens, managed assets of over 553 M GBP and operates over 4000 council homes and manages its citizens pension fund. Protecting the information of the citizens who live in the borough while keeping all of the myriad services offered to those citizen is priority one.

Council's in the Ransomware Bullseye

In 2021, UK Council's became the epicenter of a series of ransomware attacks the crippled many of the services offered to their citizens just as COVID-19 peaked. As multiple councils became the victims, the head of the NCSC (National Cyber Security Centre) warned that “most of the devastating ransomware attacks against UK targets” originated in Russia and that not enough organizations in the UK are adequately prepared to deal with the threat. Not wanting to become the next headline, Waverly's IT team began a search to upgrade their defenses.

Needs link added

Requirements

>
Understand all the network devices and define where sensitive data was located
>
Deploy within a limited budget, and operate under a small IT team
>
Show specific ransomware defense policies and reports
>
Automate 24/7 monitoring for ransomware attacks.

Achievements

>
Accurately mapped all network resources and all identified “unknown” systems.
>
Identified, categorized and labelled sensitive assets on the network.
>
Enabled continual 24/7 monitoring that watches all network traffic, IT systems and endpoint systems for ransomware risks and threats.
>
Deployed security policies and automated reporting that expanded the Council’s security framework to cover ransomware attacks.

“The first step was implementation – this could not have been easier. CyGlass is fully automated and being a fully hosted solution, is non-intrusive and of no risk to our data. We achieved initial traffic flow in 45 minutes. It took just a few days to learn our network, shining a light on many areas that were not easily visible. This helped us highlight and prioritize remediation work even with limited resources.”

HOWARD DENHART, SERVICE DESK SUPERVISOR

Waverley Borough Council

The Solution

Rapid Time to Value, Powerful Defense

NDaaS was a perfect fit for Waverley Borough Council. It met all of the project objectives including visibility of assets and risk on the network, network based threat detection, continual monitoring, and automated detection and response, but most importantly, it required no new hardware and no new headcount.

SaaS, No Hardware, Easy Deployment

Rapid Time to Value

COVID-19 was in full swing, IT staff were not in the office, hardware could not be procured, yet CyGlass rolled out seamlessly. Data collection began in under an hour and within a week, ransomware defense machine learning was operating at 100%.

AI Driven Ransomware Defense

CyGlass AI detects and stops the early stages of ransomware attacks. Equally powerful, CyGlass's ransomware risk reduction policies monitor for rogue devices, high risk traffic, and rogue users thereby reducing threat surfaces.

24X7 Automated Monitoring

CyGlass automated the security analyst, threat hunter and incident responder roles all in one. Covering M365, network, and AD environments CyGlass enabled the small IT team to focus on the most risky events.