Managed Detection and Response Case Study: NatureScot


NatureScot is the operating name for the body formally called Scottish Natural Heritage. Responsible for the country’s natural heritage, it is an executive, non-departmental public body of the Scottish Government.

Through COVID-19, NatureScot accelerated their digital transformation strategies and their usage of collaborative workspaces and tools. With their team of approximately 800 employees working remotely, devices and endpoints required additional protection against potential cyber security threats.

Calum MacNab, Senior Information Risk Manager at NatureScot, launched a process for a Managed Detection and Response solution to strengthen their cyber security defences and prevent advanced and sophisticated threats from affecting their infrastructure, potentially causing corruption and unavailability of systems and data, or significant downtime.

The Solution

Migration to the cloud was new territory for Calum and the team. NatureScot recently invested in Microsoft E5 licences, and aimed to utilise the SIEM solution for log storage and integrate all cloud applications in one central location. Calum began to seek external expertise in this area and discovered Brightsolid via the Scottish Government framework.

“We had a statement of requirements for what we were after, and at the end of the exercise, the proof of concept Brightsolid presented us with was by far the best solution.”

Calum MacNab, Senior Information Risk Manager

Brightsolid’s Managed Detection and Response solution adds a layer of defence directly to NatureScot’s infrastructure through an experienced Security Operations Centre (SOC) that will monitor their infrastructure 24x7x365. Acting as an extension to their in-house cyber security team, Brightsolid’s experienced analysts and engineers provide NatureScot with a prompt and effective threat response by monitoring the infrastructure for vulnerabilities and conducting triage and threat-hunting activities, ensuring optimum organisational preparedness and response capabilities in the event of internal or external cyber attacks.

The Results

  • Successfully delivered project on time and to budget.
  • Enhanced cyber security posture due to real-time detection and response capabilities.
  • Cost savings on personnel and IT systems that would have required in-house resource 24/7.

“The proposal was very flexible, nothing was too much of a problem, Brightsolid were happy to work to our timescale and pace and provided really helpful suggestions. It was a case of “tell us what you want and we’ll work to get you there”. Flexibility is the keyword here.”

Calum MacNab, Senior Information Risk Manager

Further reading: