“I trust the teams I have in place through our partnership with Arctic Wolf to secure our organization. It allows me to spend more time working on the security awareness and culture of the firm.”
-Chris Barnes, CTO/Director of Operations & Strategic Services, Howard, LLP
Despite billions invested annually in cybersecurity products to reduce business threats, data breaches still occur far too often. Since 2014, data breaches reported by CPA firms increased by more than 80 percent, as the cost of outside counsel for litigation can run as high as $300,000.1 Factoring in additional costs for state and federal monitoring after a breach, firms like Howard have made cybersecurity a high priority.
With growth on the horizon, Howard knew it would take on increased cybersecurity risk. Professionals at the firm routinely worked from their own devices, which led to a BYOD culture with more devices to secure. Email communications were particularly risky—to both Howard and the thousands of clients it serves.
Howard has an IT team of less than five full-time employees. The firm had logs that recorded security threats, but the limited staff had little time to monitor threats, and staff members were suffering from alert fatigue. Thankfully, no significant threat had occurred at Howard, but the firm knew it was just a matter of time.
Howard’s Chief Technology Officer Chris Barnes set out to evaluate the various cybersecurity offerings on the market to strengthen the firm’s security posture. He wanted a solution that provided greater visibility into the firm’s network, along with 24x7 monitoring and the ability to quickly identify and respond to security threats—all without requiring additional in-house IT staff or an astronomical financial investment.
Evaluating Cybersecurity Solutions and Partnerships
Barnes spent more than a year evaluating security solutions, including Secureworks, Carbon Black, Rapid7, eSentire, and Arctic Wolf’s cloud-native platform and Concierge Security® Team. Barnes discovered eSentire came at a high cost, and Rapid7 would require five to seven full-time IT employees to support the tools. Initially, Secureworks was used before switching a year later. Ultimately, the solution that stood out as the offering that would provide a high level of protection and the best value was Arctic Wolf® Managed Detection and Response (MDR).
“I trust the teams I have in place through our partnership with Arctic Wolf to secure our organization,” says Barnes. “It allows me to spend more time working on the security awareness and culture of the firm.”
The MDR solution provides 24x7 monitoring of network, endpoints, and cloud environments to detect, respond, and recover from cyberattacks. Compared to other security solutions that have limited visibility, MDR is vendor-neutral—enabling broad visibility. It eliminates alert fatigue and false positives to promote a faster response with detection and response capabilities tailored to the specific needs of Howard. It also works with existing technology stacks, so Howard didn’t have to invest in new servers. In addition, the MDR solution seamlessly connected to Howard’s cloud applications, including Box and Microsoft 365. Approximately 85 percent of the firm’s applications are cloud based. “Our biggest blind spots are in the cloud, and Arctic Wolf’s ability to connect to cloud apps is its highest value,” said Barnes.
Putting MDR to the Test
After implementing the Arctic Wolf MDR solution, Barnes got his first alert when an employee logged onto the network to check email while on vacation in Mexico. The alert notified Barnes that someone outside the U.S. had accessed the network and enabled him to contact the employee to confirm it wasn’t a cyberattack. Most recently, Howard received an alert that one of its clients’ emails had been compromised with an attachment. Three email recipients clicked on the attachment, but Howard’s other security solutions allowed for quick diagnosis and remediation.
In addition, one of their major accounting vendors experienced a malware attack on its corporate network. Out of abundance of caution, the vendor shut down access to all users for several days. Barnes is really hopeful that one day Arctic Wolf will be able to work with that vendor sooner rather than later.
“We’re a small business, so an event would be very expensive for us,” said Barnes. “It could be the difference between being in business and being out of business.”
Building a Trusted Relationship
Included with the MDR solution is Arctic Wolf’s Concierge Security® Team that works with Howard and learned its security needs to ensure the firm’s security posture strengthens over time. The team combines deep security operations expertise with knowledge of an organization’s environment to deliver the outcomes Howard expected—greater network visibility, 24x7 monitoring, elimination of alert fatigue, and fast detection and response to security threats.
The MDR implementation was also a simple process, Barnes said. “It was so easy I actually had one of our technicians install the solution as a POC for a client, and he had never seen the solution before.” Now, four years later, the relationship continues to thrive.
“In the beginning, I would email the Arctic Wolf team a lot more with questions, but we’ve gotten to the point where the communication is relatively low between us, and when I do need something, I just fire off an email and I get a quick response,” said Barnes. “Every year, I re-evaluate our security solution to make sure we have what we need. Every time, I determine the value of our partnership isn’t worth changing away from Arctic Wolf.”