Founded in 1976, Dimensions is one of the country’s largest not-for-profit organisations supporting people with learning disabilities, autism, behaviours of distress and those with complex health needs. Employing around 7,000 people, Dimensions delivers ambitious, effective, personalised support and housing to around 3,500 individuals across 850 locations, often to those whose previous support has not been successful.
For Simon Etheridge, Deputy Director of IT, securing data is a top priority. “We deal with personal data daily. Our ability to secure and protect that data, to have oversight of how that data is moving around our network, and to have real-time alerting if anything was to breach the perimeter and access that data is of paramount importance to us.”
Dimensions are aware of the impact a data breach can have. It is vital to ensure accounts remain uncompromised and mailbox data is not vulnerable to malicious schemes.
The IT team was already aware that more robust tools and processes were needed, and as reports of cyber incidents increase throughout organisations nationally, there was a realisation that Dimensions could be just as vulnerable, and this helped to raise the priority of cyber risk at Board level. “Long gone are the days where you can say we are unlikely to be targeted because of the type of organisation we are.”
An assessment was made of the merits of building an in-house SOC (Security Operations Centre) or engaging a partner, and it quickly became clear that it would not be cost-effective to acquire and retain in-house the resource capacity and the depth and breadth of skills needed to maintain even a minimum capability around the clock.
Longwall was engaged initially to provide a managed detection and response service through their 24/7/365 SOC, combined with regular engagement from a Longwall security consultant to help develop strategy and to build and test comprehensive incident response plans. Over time this has expanded to incorporate additional features of Longwall’s Managed Detection, Intelligence & Response and Managed Exposure & Risk Management services.
Dimensions quickly gained new visibility of network activity and user behaviour across their estate. This enabled the team to start to update their policies, implement stronger controls, and enforce security best practices in both their infrastructure configuration, and within their administrator and user communities.
“We recognised our controls at the time for cyber security were not up to the task, and through our long-standing relationship with Longwall, we have been able to implement a Managed Service that really has brought us up to date.”
Consequently, cyber assurance is more robust than ever before, and the organisation has renewed confidence in information security and in its ability to protect confidentiality.”
Importantly, with the right tools and resources now in place, the team has been able to demonstrate effectiveness in its cyber security programme, as well as significantly reducing the cost to respond to and recover from a future incident.
“We’ve been able to show to our Exec Team and Board a return on their investment.”
“We’ve been able to show to our Exec Team and Board a return on their investment.”
Longwall Security Limited is registered in England and Wales. Registered number: 8690329. Registered office: Suite I, Windrush Court, Abingdon Business Park, Abingdon OX14 1SY, United Kingdom.