Data protection
Patrick Wake, Head of Information Security at FDM Group is responsible for cybersecurity and governance compliance.
With new centers in Hong Kong, Singapore, Sydney, Leeds, Glasgow, Charlotte, Austin and West Virginia in the United States and significant increases in the size of FDM's Toronto and Frankfurt centers, Wake believes a proactive approach to cybersecurity is what gives FDM the edge in the ever-changing wild west of the digital space.
“2020 was the biggest year on record for cybersecurity threats in the UK, with a 20% growth from 2019. Other places in the world show similar numbers with hackers taking advantage of remote working and the pandemic to increase attacks on businesses and individuals. Google has also reported a massive jump in phishing attacks with millions of them happening per day."
“We’ve focused on the fundamentals of security because most attacks are preventable by patching known vulnerabilities. We know that a lot of our consultants are using FDM online portals to access our information and give us theirs. This information needs to be looked after."
Patrick Wake, Head of Information Security at FDM Group
To support the consultants’ career journey, FDM recently created an online portal to provide easier access to knowledge.
"The internet is a web, and everything is connected. There are constant attempts to intercept data when it's moving through the strands of this network.”
Although the company strengthened its applications firewall, more needed to be done.“FDM aims to apply privacy protocols and security-by-design to everything we do digitally. Our portal needed to be robust. The data in it has to have protection from every angle with the latest technology.”
Staying updated
“We wanted to take a preventative rather than a reactive approach to protecting the portal, so we undertook penetration testing and added RedShield web application shields to help discover and remediate vulnerabilities.
We needed a service that identifies and rapidly shields vulnerabilities without touching the application code or impact functionality, and RedShield was able to provide it for us."
“At FDM, our strategy is to use a layered defense methodology. We already have an internal development team whose priorities are to release code, undertake new projects, and perform regular system maintenance. We don’t use RedShield as an alternative to the best practice security policies and the multiple controls we have in place already. RedShield is another layer of protection on top of all that.”
The experience
FDM deployed RedShield's software and managed services to protect its web applications in mid-2020. Since then, the two companies have established a strong working relationship.
“FDM never wanted a relationship where we just buy software and then don’t have another conversation until license renewal time. The journey with RedShield has been excellent. Everyone we’ve engaged with is very knowledgeable, and they are extremely responsive. It's what we needed to help navigate the ever-changing digital landscape.”
Planning ahead
“RedShield is now an integral part of FDM’s cyber strategy. There are many moving parts in FDM's business model. We have a global team spread across all major continents and we provide tech and business training in numbers that could run in the thousands. We're constantly learning how to stay on the cutting-edge of knowledge and technology, while ensuring our security keeps up with the growth of the business.
"Things move very fast in the world of FDM and cyber-security. RedShield provides proactive application protection and stops security from becoming a handbrake on FDM’s business expansion."
Patrick Wake, Group Head of Information Security, FDM Group