A Complete, Cutting-Edge Menu of Security Services
Bridewell’s cyber security consultancy services combine a comprehensive set of methodologies and expertise across various technical areas, including the ability to implement positive cyber security change.
Customer Case Studies
Northern Gas Networks (NGN) is one of the UK’s gas distribution companies and delivers gas to 2.7 million homes and businesses in the North East of England, Northern Cumbria and much of Yorkshire. Over the next few years, NGN is committed to replacing old gas mains with over 3,800 kilometres of modern pipelines to update the region’s gas network and meet future sustainability objectives.
The Challenge
To increase the cyber maturity that supports large-scale transformation projects, NGN understood the importance of working to improve its detection and response capabilities. Digital connectivity plays a major role in the future of NGN’s operational technologies within their pipeline network, and they recognised the importance of securing it appropriately by working with a suitable cyber security partner.
Before working with Bridewell, NGN already had solutions in-house to aggregate security data, but this wasn’t being effectively utilised or continuously developed and didn’t have the necessary capabilities to monitor their entire converging IT/ OT estate. In parallel to this, NGN had developed their technology strategy and was in the process of moving elements of its enterprise IT to a Microsoft-based technology platform. Whilst they were already making some use of their E5 licenses, they needed a partner who could help them fully realise the commercial and technological benefits of their licensing and how this could be aligned with their overall business and cyber security strategy.
To truly modernise its cyber security strategy, NGN was also aware of the value of a threat-intelligence-led approach that would incorporate Bridewell’s intelligence and insights into relevant threat actors to drive detection and response. For NGN, this created a specific set of requirements. They needed a threat intelligence-led partner who could continually mature their detection and response capabilities, had significant experience within the utilities sector and operational technology and had a strong understanding of Microsoft solutions and regulatory requirements set out in the NIS Regulations.
The Solution
To find the right partner, NGN issued a Request for Proposal (RFP) seeking proposals from leading cyber security service providers. Of the seven suppliers who responded, NGN chose Bridewell as they were impressed with their Managed Detection and Response (MDR) service. Underpinned by a modern approach to threat hunting and threat intelligence, Bridewell’s service aligned with NGN’s requirements by focusing on remediating threats rather than just identifying them.
Bridewell’s experience in protecting OT environments, within the utilities sector and beyond, and status as a CREST accredited NCSC Assured Partner and Microsoft Gold Partner with advanced specialisations and member of MISA (Microsoft Intelligent Security Association) also aligned with their selection criteria.
Working alongside a number of NGN’s in-house teams - ranging from IT, infrastructure and OT engineering – Bridewell delivered their MDR service. The service was built upon Extended Detection and Response (XDR) technology and incorporated Bridewell’s threat intelligence capabilities throughout. One of the service’s key features was vulnerability management. Bridewell implemented a risk-based model that helps NGN drive improvements in how they respond to vulnerabilities.
"We were very pleased that Bridewell brought the project in on time and within budget."The Results
After signature, but ahead of the contract start date, Bridewell’s cyber threat intelligence team identified the potential for war in Ukraine to increase risk for natural gas providers. Accordingly, Bridewell offered to start the service early, before the contractually agreed start date, to ensure that NGN was protected in the shortest time possible. Within 24 hours, Bridewell deployed the Microsoft Sentinel SIEM, connecting available data sources and turned on their security monitoring service that encompassed their entire IT estate.
These capabilities were advanced throughout the rest of the project as NGN’s wider IT technology, security vendors and operational technology were incorporated into the service. Having completed the onboarding process, NGN now have extensive detection and response capabilities that give them a complete view of their organisation as well as the ability to remediate any threats or vulnerabilities that may arise.
Beyond maturing their cyber security posture, Bridewell’s MDR service has supported their business objectives to date and has played a role in enabling future transformation projects. Delivering a secure, safe and reliable network that is monitored 24x7, which benefits both NGN and it’s customers, is a key deliverable to support it’s transition to whatever the future holds for the energy sector.
"Bridewell's technical subject matter experts are some of the best we've ever worked with. We've recommended them to other utilities providers in the UK and Group Companies."In the future, NGN will continue working with Bridewell to widen their technology visibility even further and complement security architecture in support of upcoming technical projects.
Learn more about our Managed Detection and Response Service.
Working with Us
All our services are based on our adaptive, customer first philosophy, ensuring we act as an extention of your team. This enables us to provide trusted advice that helps you meet your specific goals and requirements.
Understand
We listen and learn about your business challenges, goals and ambitions, strategic drivers and culture.
Assess
We assess your current risk position relative to your needs and goals, and develop a roadmap for optimising your cyber security.
Design
We design solutions, processes and strategies that allow you to achieve the desired state of security and effectiveness.
Optimise
We use our agile yet focused methodology to evolve and optimise your solution over time, to maximise value.
Manage
We operate as an extension of your own cyber security team, delivering tangible, value-added cyber security on a 24/7 basis.
Implement
We draw on our experience and expertise to implement the agreed technical solutions, governance, compliance frameworks and migration processes.
Why Us?
.svg?sfvrsn=428a1942_1){kind=icon}
Awards
Our team have won numerous industry awards, including ‘Best Security Company of the Year' at the Cyber Security Awards 2023 and 'Best Cyber Security Company Europe' at the Cyber Security Awards 2022.
Certifications
Our people and services are highly accredited by leading industry bodies including CREST, the NCSC, and more. Our SOC holds extensive accreditations from CREST (including for CSIR and SOC2) and works closely with our cyber consultancy services.
Partnerships
As a Microsoft Partner, we also hold advanced specialisms in Cloud Security and Threat Protection. We’ve also implemented some of the UK’s largest deployments of the Microsoft Security stack, inc. Sentinel, Defender, Purview and more.
