Travis Perkins boosts cyber defences
Builders merchant secures against email and web-based threats to protect customer information
Builders’ merchant secures against email and web-based threats to protect customer information
Following an attempted attack, the company introduced FireEye’s advanced threat protection solutions alongside existing security tools to address network security gaps that might leave it vulnerable to attack.
In the wake of recent high-profile attacks on other organisations, and with the Information Commissioner’s Office (ICO) threatening increasingly severe penalties for inadequate data protection, the group was keen to improve network visibility and ensure the continuous security of customer information. What’s more, as a publicly listed company, Travis Perkins must take steps to protect sensitive shareholder and financial details.
Before deploying the full system, Travis Perkins embarked on a period of thorough proof-of-concept testing. This not only ensured that the system would be interoperable with existing infrastructure, but also offered an indication of the level of threat currently being missed by traditional security measures.
Once bitten, twice shy
“Before deploying FireEye, we had been targeted by a cyber attack that was caught by our internal defences before any harm could be done,” said Simon Gray, information security specialist at Travis Perkins. “However, had this been more sophisticated malware, as we have seen with many high-profile breaches, it could have been a different story, and this prompted us to seek a solution to cover all bases and deal with this new generation of threat.
“FireEye’s proof-of-concept stage was particularly useful for us to see where the gaps in our network security were and what our existing defences were in danger of missing, or routinely returning as false positives,” he added.
With its Web Malware Protection System, FireEye said Travis Perkins is protected against the web-based and zero-day attacks that traditional firewalls, intrusion prevention systems (IPS), anti-virus (AV) and web gateways often fail to catch, while the FireEye Email Malware Protection System secures against spear phishing email attacks that bypass anti-spam and reputation-based technologies. All of this is controlled and managed through the FireEye Central Management System (CMS).
“As an organisation, we are continually striving to ensure the utmost protection for our customers, and in this respect, FireEye really impressed us,” continued Gray. “As the stakes have never been higher, we urgently needed to secure our data with a robust, reliable and comprehensive solution – and FireEye certainly ticked all of the boxes. The solution was easy to implement, simple to use, and proved that it could catch events that our existing systems didn’t. We look forward to extending our relationship with FireEye in the near future to ensure our security infrastructure evolves in line with the rapidly changing threat landscape.”