Partnership, trust and EDR
How a WithSecure partner realized that the human element of cyber security was driving the need for Endpoint Detection and Response.
Case study: Ictivity
Ictivity can quite rightly lay claim to being an expert in their field.
The company, based in the Dutch city of Eindhoven, has been providing IT services for more than 22 years, and partners with some of the biggest IT companies in the world to provide its customers with the very best solutions on the market.
No substitute for experience.
It is this vast experience that led the company to realize the cybersecurity industry was changing. Rather than a ‘Eureka’ moment, this was more of a natural progression as they looked to the future. Ictivity discovered that while EPP was an excellent base that works hard to keep companies safe, it was no longer enough. The changing threat landscape and increased sophistication of hackers meant that this base required further strengthening.
“We had a situation in which somebody detected lateral movement in their network,” says Andrew Ehlen, Manager of Innovation and Service Development at Ictivity. “We saw some processes being executed which were not normal. There was a hacker who had created an admin account on a server and then erased all their tracks and left the network again, but the backdoor was there. EPP does not trigger those kinds of things, because this is not a virus – it is a human logging into your system.”
It was the human element that moved Ictivity towards EDR. We have got to the stage in cybersecurity where there is an understanding of what viruses and malware can do. These get on to your computer and start doing things they shouldn’t. EPP is able to prevent them from happening, but EDR allows you to see what is going on.
“Put it this way,” Ehlen continues. “If your home is being burgled, EPP protects the building. However, if the burglar gets in through the back door, EDR can track them in real-time walking through your home and watch them taking the TV off the wall. It is then able to say “hey, put my TV back, I can see exactly what you are doing.”
Further, it is often claimed that hackers can take up to eight months before they start the project of hacking your network. Once they have created a backdoor, they may not try to open it for months, or even years. With EDR, you know when someone is creating a backdoor, enabling you to block it immediately.
Trust is key
Explaining to a customer that they need to spend more money on security can be tricky. However, Ehlen was pleasantly surprised at the response he received. “We didn’t upsell EDR at all. We simply informed them that EPP is not enough anymore. You need this. You really need this. To our surprise, they understood that this was not an option or an offer, it was critical to their safety. Our sales team conducted a small training session to explain EDR and off we went together.”
What has caused this overwhelming support? According to Ehlen, it is trust – pure and simple. “Being a trusted advisor made the difference. We have around 12,500 end users on endpoint protection. We began rolling out the EDR conversion in March 2022 and already have 7500 EDRs active.”
This trust was built up between Ictivity and WithSecure before Ehlen joined the company. However, when he arrived, he saw that there was a need for a relationship. Initially, Ictivity bought testimonies and antivirus, but once he came on board the relationship really took off. “By developing a relationship with WithSecure, we began to get more information and advice. We were told about new products early and this helped us with our thinking and strategy when it came to customer-facing discussions. Essentially, we stopped buying licenses and became partners,” he says.
By passing on this trust to their customers, Ictivity were able to honestly and openly explain how Elements EDR can secure a quick, seamless and cost-effective solution. By explaining the situation to their sales team and giving them all the necessary information, they were able to impress the gravity of the situation.
“In Elements, you can see exactly what is happening, what is being downloaded. Visibility is crucial and allows you to react in real time. This lets you make your databases and systems more intelligent by recognizing files that you know are safe.”
The future
So, what does the future hold for Ictivity, in what is a constantly changing industry and global situation? “We firmly believe that every customer should have EDR. At Ictivity, we are also looking into some different products and, as a result, vulnerability management and mobile protection and Cloud Protection seem logical next steps. Essentially, expanding what we have and adding new products to the portfolio,” Ehlen explains.
The cooperation between WithSecure and Ictivity is a two-way street and Ehlen wouldn’t change that. “It is important for us to work with our vendors to make things better for our customers. WithSecure knows how to protect devices much better than we do, but we understand the impact on the end user better, as well as what they need.”
We have a word for that: co-security. Only by working together can we continue to strive towards a better, safer future.
Related products
WithSecure Elements Endpoint Protection
WithSecure™ Elements Endpoint Protectionは、高度な脅威、自動化ツールを用いた攻撃、標的型攻撃をブロックするクラウドエンドポイントプロテクションを提供します。詳しくはこちら
Learn more about the solutionWithSecure™ Elements Endpoint Detection and Response
WithSecure™ Elements EDR は、企業のIT環境とセキュリティ状況を単一の統合管理コンソール上に可視化し、サイバー攻撃を迅速に検知することができ、ガイダンスに沿った侵害の対応ができます。
Learn more about the solutionSpeak to the team
Simplify your cyber security with holistic WithSecure Elements platform. Complete the form, and we'll be in touch as soon as possible.