Managed security saves Smiths Group £750,000

Smiths says it had been aware that IT security across the group varied according to geography, historical procedures and the contradictory risk assessments of individual business units. “While we acknowledged that security requirements differed between aerospace and engineering, this presented us with a problem,” says Dave Southward, group infrastructure and IT manager. “The reality was that the weakest links in our system could eventually compromise security as a whole.” Accepting that its legacy global IT infrastructure – with multiple technologies, including over 200 servers, 34 firewalls, 176 Internet circuits and contracts with more than 40 carriers – was not meeting the business needs, Southward and his team set about fixing the IT infrastructure. “It was amazing that the whole infrastructure hung together and actually connected all the various parts of our business”, says Southward. “However, to move forward and allow technology to enable our business meant redesigning the infrastructure, and for this our guiding principles were to simplify, standardise, rationalise and centralise.” The objectives for its redesign were to improve operational effectiveness by establishing a minimum technology standard for everybody and to give the company better value for money. Southward says he also insisted that security was designed into the network from the outset. “In order to achieve a certain level of security for the whole company, we knew that we would have to re-architect our entire baseline security solution, and for that we needed to use experts.” “We rapidly realised that IT security requires experts and that at best a Smith’s team would be competent generalists,” says Southward. “In addition, retaining key security staff could be difficult and expensive.” So the company went for a third party. “[It] was the ideal solution to complement our existing internal skills set, and relieved us of the pressure of managing our security devices while giving us access to external information, threat trends and our security partner’s knowledge base,” says Southward. Following an evaluation involving five suppliers, Smiths Group selected Cybertrust for its global footprint, support network and heritage of proven technologies. “Cybertrust is the ideal partner, handling some of the day-to-day operations, leaving the internal security team free to focus on future threats and solutions,” says Southward. “Cybertrust has surpassed our expectations,” he continues. “Their security professionals have developed such a considerable knowledge of the Smith’s information networks that they are embedded into our organisation and are part of the team. We wouldn’t go back to an in-house model. “It would have cost us over a million pounds to manage security internally. Now Cybertrust does all the dirty work and we can spend more time looking at our internal processes and add value to our business units.” While security breaches and intrusions into the network occur, they are now identified and managed swiftly. “Security incidents are a fact of life today,” says Southward. “And I would be naïve to say we don’t experience any; however, with Cybertrust as our partner, we are able to mitigate and minimise our exposure and risk.”