Weightmans Reduces Security Noise while Strengthening Defences
With a formidable reputation and heritage as a Top 45 law firm in the U.K., Weightmans LLP needed its security operations and data protection to be as impressive as its legal team. But two factors stood in the way: manpower and a comprehensive security strategy that included continuous monitoring. Weightmans had a number of discrete security products in place along with a small internal team that was overwhelmed with reviewing and responding to security logs and alerts from firewalls, domain controllers, and other critical devices and services.
“Modern security systems generate massive amounts of information, and our team was struggling to stay ahead,” explained Andy Carter, Cyber Security Manager, Weightmans LLP. The problem came to a head when the team was choosing between performing primary responsibilities and reviewing security logs. Security was top priority, but Weightmans’ IT leaders couldn’t let it disrupt daily business operations. Caught between competing priorities, Weightmans needed either to add both data storage and security analysts to maintain its current direction, or to seek outside help from a managed security service provider.
Law firms serve as prime targets for hackers seeking to gain access to and mine sensitive client data including legal documents, financial records, and intellectual property stored within matter files. Aiming to be as proactive as possible, the Business Services and Innovation Director, Stuart Whittle, together with Carter drafted an RFP to identify partners that could reduce the number of, and/or replace, the current discrete security products while introducing a 24/7 managed security service. Beyond a managed security information and event management (SIEM) solution, they were looking for a cost-effective, advanced tool set. Masergy was selected based on its comprehensive platform with integrated detection and response, machine-learning enabled security analytics, and a team of seasoned security experts with cohesive incident response processes. The pricing model was also a good fit for Weightmans’ sophisticated IT environment.
“With help from Masergy, we have made huge gains in terms of cost effectively improving our security monitoring and incident response processes.”
Solution: Masergy’s Managed Detection and Response Platform
Weightmans replaced some of its fragmented security products with Masergy’s Managed Detection and Response platform, integrating with those that needed to remain in place. Masergy’s service delivers 24/7 monitoring, turn-key threat intelligence, seamless ticketing integration and flexible, customised reporting. The solution also integrated Weightmans’ firewalls into the service to monitor for and block suspicious traffic. In less than four weeks after implementation and tuning, Masergy’s network behavioural analysis and advanced security analytics could distinguish between normal and suspicious traffic, ruling out false positives and reducing security “noise.”
Additionally, Masergy used authentication data from the Weightmans Microsoft environment to create customised policies and rules to identify breaches of policy and assist with identity and access control. As a result of alert tuning and policy creation, the number of alerts is now reduced to a manageable list that requires further action and investigation. Finally, Weightmans’ IT team collaborated with Masergy security experts to design response procedures, establishing standard processes and best practices for acting on alerts or tickets.
Result: Security Made Easy
Today, Weightmans has a fully managed service that improves its security posture and delivers productivity savings. Thanks to 24/7 monitoring from Masergy, the firm avoided hiring additional resources to analyse security logs, ensuring the team focuses on activities that add value to the business. Data storage is no longer an issue since Masergy handles log data with an onsite Masergy-managed appliance, simplifying data privacy and compliance. Thus, Weightmans saves 2,600 GB per year in data storage and has confidence that the proper resources are in place to protect the network, detect malicious activity, and swiftly respond to threats.
The Weightmans team no longer expends effort reviewing countless alerts and chasing after false positives. For example, just last quarter, Masergy sent 21 prioritised high-risk security alerts with actionable follow-up steps. These productivity gains save Weightmans’ employees an estimated 144 hours every quarter.
- Force Multiplier: Expanded security capabilities at a cost that fit within the budget
- Productivity Gains: Saves 144 hours each quarter, helping staff reduce alert “noise” and spend time only on the most important alerts
- More Security Armoury: Strengthened abilities to block traffic automatically or manually in response to suspicious behaviour
- Simplified Compliance: Reports provide clear evidence of overall network security posture
Masergy’s reports are “sufficient and concise to work from,” explained Carter. “Only the most important alerts come through, and we don’t often need to go back to Masergy for more information. We get what we need to make our response fast and efficient.”
“Masergy helps us reassure clients that we have a holistic security approach and a 24-hour team protecting their data, so they can trust in us,” added Whittle.
New levels of insight guide updates to firewall policies and help close security gaps. IP address blocking also strengthens security. As a natural outcome, regulatory compliance is easier too, because regular testing and reporting provide security evidence. Beyond implementation, Weightmans continues to receive proactive support as part of the relationship.