The Carey Group is one of the UK’s leading construction and engineering firms. A family-run business for over 50 years, the firm has grown into a multimillion-pound organization, with customers across commercial, healthcare, residential, retail, industrial, and many other sectors.
Amjad Khan is the infrastructure engineer at the firm, where he manages a team of five with responsibility for on-premises and cloud IT systems and cybersecurity. With over 1,000 users and additional contractors, there’s plenty to keep him busy. In fact, cyber risk is escalating to such levels that UK’s National Cyber Security Centre (NCSC) recently published its first ever guidance document for the industry. It warned that as organizations in the sector that increasingly expand their use of digital technologies, may unwittingly be exposing themselves to phishing, ransomware, supply chain attacks, and other threats. A combination of managing sensitive data and processing high-value payments makes construction firms a particularly lucrative target for cyber-criminals, NCSC warned.
Amjad says that although ransomware keeps him awake at night, it’s a threat the firm has been able to manage with the right tools and policies..
In 2018, Amjad realized that the firm’s endpoint protection was unable to manage mounting cyber risk. Reliant for years on Microsoft Windows Defender, the Carey Group had avoided a major breach, and Amjad wanted to keep it that way.
After evaluating several vendors, he selected Trend Micro due to not only the breadth of protection offered by the Trend Micro Apex One™ endpoint security suite, but also the prospect of combining it with cloud security, detection and response capabilities, and web gateway protection, from a single platform. The firm has since expanded its Trend Micro portfolio to include Trend Micro™ Cloud App Security and Trend Micro™ Web Security to bolster its email and web gateway protection for 30,000 apps.
"It’s better to work with one platform, one technology and one vendor which has control over multiple different environments."
The Carey Group had already run a business continuity plan in 2018, so it was well prepared for the rapid shift to remote working that came with the emergence of COVID in early 2020. However, the SaaS deployment model used by Trend Micro’s solutions made the transition even more seamless, according to Amjad.
“When COVID struck we didn’t really need to introduce any drastic changes. We just followed the plan, and everything worked pretty well for us,” he says. “Trend Micro was deployed on our endpoint devices so we had eyes on our teams and on whether they were connected from the corporate network or home. In addition, Cloud App Security was doing its job by checking everything from a cloud aspect. So overall it was a very smooth transition for us.”
Consolidating onto a single vendor has also made Amjad’s life easier in terms of training team members up on the tools, keeping threats at bay, and simplifying support calls.
“It’s better to work with one platform, one technology and one vendor which has control over multiple different environments,” he concludes. “It’s easier for my team to learn about the technology, and optimized security for my data and systems. We tend to receive so many phishing and whaling attacks and our solutions pick up and defend against all of them.”
"Trend Micro was deployed on our endpoint devices so we had eyes on our teams and on whether they were connected from the corporate network or home. In addition, Cloud App Security was doing its job by checking everything from a cloud aspect. So overall it was a very smooth transition for us."