Discover more on cyber security
To help you create a secure, collaborative environment to build digital transformation strategies, we've hand-picked some security resources to equip you for this challenge.
How Culina Group is securing their future of business with BT’s Security Advisory Services.
Over the past 12 months, 72% of large UK businesses have identified a cyber breach. As a company that deals with 2.2 million orders per year, Culina Group wanted to minimise the risk of a severe cyber breach happening to its business.
The company depends on its IT and operational technology for every aspect of the business. So, it’s essential that its cyber security is robust enough to shield these systems from the increased risk that comes with hybrid working and evolving threats. A cyber attack for Culina Group would have big consequences, not just for the organisation itself, but for the overall supply chain too.
Culina Group has grown significantly over recent years, following several acquisitions. Each addition brought its own culture and new ways of doing things. And while this kept the business growing and evolving, it also quickly changed the threat landscape. Culina Group found itself looking with limited visibility across the entire digital estate. And this made it potentially vulnerable to cyber attacks.
Cyber security was under the remit of the internal IT team. But as the business grew, finding the resources to keep on top of new threats and keep up with the number of acquisitions became more of a challenge. The team was up against a skills shortage; a well-known problem for organisations across the globe as the demand for skilled security professionals outstrips supply.
The team wanted to get a better understanding of the current cyber security situation. They needed an independent assessment that they could present to senior execs, showing the security posture of each of the different brands. This would be the first step to strengthening their defences and standardising measures across the various businesses within the group. So, they turned to us to get that independent view.
Strong cyber security means everything to our business. Any impact on the confidentiality, integrity or availability of our systems and data is felt very keenly.
The first step was to build an understanding of Culina Group’s existing network set-up. Our Security Advisory Services team ran a series of interviews across the seven biggest sub-brands for Culina Group, to understand the controls that were in place and assess the risks. This resulted in a detailed report that outlined how robust the existing security measures were, along with a 13-step programme of recommendations to improve them.
This process took about a month, during which time the Culina Group team were able to focus on other business priorities. This enabled them to utilise resources and budget in the most effective way, while knowing we were building them a prioritised list of actions.
The report provided the evidence needed to get commitment and investment from the board to prioritise cyber security. The assessment also gave the new CIO, a detailed overview of the cyber security landscape of the business.
To help set the programme in motion, the CIO engaged us for additional consultancy. We shaped the security roadmap around business priorities, ambitions, and current resourcing, using the best tools available from a variety of security vendors.
Moving forwards, cyber security is now an important priority when it comes to Culina Group’s acquisitions process. Our recommendations have provided a framework to ensure that they’re not putting their business at risk. And if a risk is identified from an acquisition, the business can be quarantined in a separate part of the network until any issues have been resolved and cyber security brought up to standard.
Thanks to BT Security, we have quick visibility of all different businesses' levels of compliance with the Centre for Internet Security (CIS) controls framework. This has been instrumental in helping us develop a fact-based information security improvement strategy.
The security health check has given the Culina Group team an actionable programme, allowing them to focus their efforts where it matters most. They also have continued access to our dedicated cyber security experts, ready to provide independent advice and recommendations for staying protected from end to end.
We’re vendor agnostic, partnering best-in-class providers with the expert knowledge of our in-house security specialists, which means we can recommend the best solutions for the unique challenges facing Culina Group.
All of this means the team at Culina Group have taken a big step to securing their organisation for the future of work. The current security landscape has been improved, thanks to our 13-step programme of priorities. And this process has allowed new frameworks to be put in place, making sure that the business can continue to grow through acquisitions, without increasing the cyber security risk.
BT’s insight has helped us identify a prioritised list of improvement actions, as well as focus resources to help us make the business more secure and robust – now and into the future.