As one of the largest business law firms in South Africa, Cliffe Dekker Hofmeyr (CDH) has a track record spanning 166 years. The firm’s 350 legal experts act as strategic business partners to leading corporates, governments, state agencies and multinational organisations. A key reason CDH continues to be a leader in the industry is that the firm succeeds in delivering exceptional digital services to its local and international clients as well as to its renowned attorneys. CDH leverages the latest technologies to be more efficient, cost effective, and collaborative, using cloud platforms including Microsoft Azure, SharePoint Online, Office 365 and Microsoft Teams to expedite legal processes and ensure the firm’s specialists are digitally accessible legal advisors.
The firm’s strong digital strategy necessitates an equally strong focus on security, and protecting sensitive client data traversing among 650 users is no simple task. CDH’s IT team had been handling security monitoring and response for the past couple of years, but the firm’s Head of IT, Ralph Hopkins found that security has a wider and wider scope. To stay ahead of that growth, his team needed additional manpower and skills to handle threat intelligence.
To achieve this, CDH invested in sophisticated security threat detection tools that use machine learning and behavioural analytics to improve threat detection, but these tools didn’t offer a complete solution. “We had some very clever products in place that highlighted risks and abnormalities, but the wave of new information revealed that we needed to do a more effective job at actually fighting those threats,” explained Hopkins.
The CDH IT team consists of fewer than 15 people, three of whom focus on security. Six weeks after implementing the threat detection tools, Hopkins described how his team was inundated with the number of false-positive investigations. “With this flood of information, the effectiveness of the solution dissolved. We knew we weren’t getting it right yet—technology alone was not enough,” he said.
That’s when Hopkins knew it was time to try something different. “Masergy was different because they don’t just sell technology–their service reputation in the market speaks volumes.”
Solution: certified analysts backed by behavioural analytics
The firm’s executives considered hiring a larger in-house security team, but the economics of that investment didn’t make sense after the firm met with various security service providers. “We found that forging a partnership offered a better security solution than bringing more experts in-house,” said Hopkins, explaining that he sharpened his needs list around finding a service provider that could be a strong partner in both risk and response. “That skilled human element is as important as the threat detection technology. Our speed of response is increasingly important,” he said.
Executives at CDH evaluated six managed security service providers including local companies in South Africa. CDH selected Masergy’s Managed Security Service because it combines a 24/7 global security operations team with threat intelligence, incident response best practices, together with all the same machine learning and behavioural analytics as the firm’s previous solution.
Moreover, the cost of the service presented more value in comparison and could satisfy the compliance requirements of CDH.
“I had never heard of Masergy before. Masergy is different because it doesn’t just sell technology—its service reputation in the market speaks volumes,” Hopkins explained. “CISOs who don’t know Masergy will learn that it checks all the boxes. You get the right combination of machine-learning-based threat detection technology and a response team of certified security analysts working around the clock.”
Result: stronger client security
Today, the firm’s directors have a renewed sense of security confidence that stems from having Masergy’s on-demand expertise and a larger team acting on a highly prioritised list of threats. The service has also rejuvenated CDH’s IT team by reducing the security workload, boosting productivity and accelerating threat response times. “When you implement threat detection technologies, there are a lot of false positives that occur and a bit of fine-tuning that needs to happen. With Masergy, both the implementation and the tuning process were very fast. We’ve significantly reduced our number of false-positive alerts, so the team is not overtasked and can keep their focus,” Hopkins explained.
Interactions between CDH and Masergy security analysts foster a true partnership. “We have more trust in the Masergy than we had with previous solutions. Masergy has a very mature approach to threat response and that peace of mind is worth its weight in gold,” he said. CDH reaches a live analyst in a matter of seconds and receives a thorough explanation of potential complex threats and needed response actions. “The analysts understand what we’re dealing with and are willing to walk us through the processes of response,” Hopkins added. “With all the technology focus out there, the human element was the part we were missing, and Masergy hits that mark very well.”
Deeper transparency into device behaviour, traffic flows and firewall management are key benefits gained from Masergy’s suite of network visibility tools. Now the IT team can see both internal and external activity and understand how data travels in and out of the Data Centers. Plus, they can map traffic directly to a specific IP address or user, which speeds up response. “The network visibility tools are very intuitive and very easy to understand, which makes us want to use them more,” said Hopkins.
The added efficiencies in incident resolution allow CDH to pivot more frequently to security program improvement initiatives. The team is working with Masergy to develop stronger endpoint detection capabilities that support CDH’s mobile workforce strategy. Hopkins summarised it as a value-add for executives, employees, and clients alike: “All of this is helping CDH confidently deliver secure legal services—and that’s something everyone can appreciate.”
Read the full white paper here