Implementing a Cyber Resilience Vault for a large UK financial institution
Directly addressing the risks arounds detection, prevention and recovery from cyber attacks.
Protecting your business
Addressing risks around detection of, and recovery from, cyber-attacks
Many financial institutions are coming to understand the risks and increased likelihood of cyber-attacks and are choosing to implement a Cyber Vault.
In 2020 the senior management of a large, UK-based financial institution were facing several risks to their data and their business.
Scenario planning had shown that the organisation was vulnerable to specific types of malware and ransomware attacks that could result in both production and DR capabilities being either destroyed or rendered useless.
Traditional disaster recovery, backup processes and related systems could not adequately deal with these emerging threats.
As part of a strategic response, it was recognised that the organisation needed to explore the market and consider whether a Cyber Recovery solution would be a good fit.
They required a solution that would allow a fast recovery from sophisticated attackers, ensuring that data and services were protected.
Selecting and procuring the best fit
The organisation recognised the complexity that would be involved in procuring and implementing a Cyber Vault solution; and they required a partner that understood their unique infrastructure and data.
The scope included both on-premise and cloud-based data centres hosting important business services and complex supporting infrastructure.
It was important to the company that the most critical applications were vaulted alongside foundational services such as directory services, network services and device configurations.
Finyx were responsible for running the end-to-end procurement process from requirements gathering to eventual selection. We sought a solution that combined value for money with a speedy implementation whilst meeting the specific technical requirements.
The chosen solution directly addressed the risks around detection, prevention and recovery from cyber-attack by isolating the data off the corporate network and on to immutable storage while providing intelligent threat detection.
Supporting the journey to a new Cyber Vault Service
The customer trusted Finyx to manage the implementation from planning through to service integration; alongside managing both the supplier and the integration partner through the process.
Our supply of experienced Business Analysts, Project Managers and Infrastructure SMEs significantly de-risked the delivery for the client.
Finyx also managed the list of applications, infrastructure, services and artefacts for inclusion in the vault; curating the content of the vault and ensuring the ability to recover each of the services and applications in turn.
The ultimate result is a Cyber Recovery Solution that contains the key ingredients to quickly recover in the event of a targeted attack.
Regular scenario testing and rehearsals of the skills required to recover give the customer the best possible opportunity to recover from and survive an attack.
“Finyx consistently over-delivered against our expectations, we couldn’t have made anywhere near this kind of progress without them. Their level of insight, their work ethic, and their commitment to helping us achieve a better service for our users has been invaluable.”
– Jonathan Prosser, Chief Clinical Information Officer