Manchester Airport Terminal 2

Manchester Airport Group Increases Security Event Visibility by 1500%

Published 22 June 2021

UK’s largest airport group brings Security Operations Centre in-house to improve security posture and reduce cyber risk.

Manchester Airport Group (MAG), the UK’s largest airport group has revolutionised its visibility and protection against cyber-attacks by bringing its security operations centre (SOC) in-house.

MAG, which serves more than 60 million passengers annually across Manchester, London Stansted and East Midlands airports, needed to a more cost-efficient and effective way to strengthen its security operations and safeguard the business from increasing cyber threats. Working in partnership with Bridewell, the group transitioned from an outsourced to in-house SOC model, increasing real-time activity monitoring on devices and servers from 5,000 to 80,000 events per second.

MAG now benefits from faster, more comprehensive and accurate threat detection and response, with the ability to see and shut down threats within hours. Furthermore, 95% of all servers and devices are now visible to the SOC compared with 70% in the previous model, providing enhanced protection to the company’s 5,000 employees and over 40,000 people who work on-site.

Hybrid SOC Scheme

Bridewell began the project with an eight-week pilot scheme hybrid SOC, funded by Microsoft, before scaling to a full-sized in-house model. With a significant percentage of MAG’s staff furloughed due to the pandemic, Bridewell provided a dedicated SOC analyst to help upskill team members, resulting in significant costs savings on training.

“We take cyber security extremely seriously, which is why we wanted to strengthen our defences and gain better autonomy over our protection,” said Tony Johnson, Head of Cyber Security Operations at MAG. “We had the technical capabilities but wanted a partner that had done this before and knew Bridewell had the relevant experience in our sector. The team worked through the pandemic to create and implement the new solution which cuts through the noise to give us an accurate view of our IT estate. We’re now very confident that we’re delivering a better service and can already see the positive outcomes.”

The new model hardens MAG’s defences against the growing scale of cyber-attacks against critical national infrastructure (CNI) and the aviation sector in the wake of the pandemic. The biggest impact so far has been against phishing attacks on employees, which have increased over the last 12 months. Replacing cumbersome manual methods, the new solution automatically detects a phishing attempt and checks that nobody has clicked the link, before removing the threat from inboxes across the organisation.

According to Bridewell research, aviation is one of the most targeted CNI sectors by cyber criminals with nearly half (45%) of aviation organisations witnessing an increase in cyber-attacks since the start of the pandemic. The majority (88%) have detected cyber-attacks on their Operational Technology (OT) or Industrial Control Systems (ICS) in the last 12 months, with 95% of these encountering at least one successful attack.

“Aviation is heavily targeted by cyber criminals so it’s imperative that organisations in the sector are at the top of their game when it comes to identifying, mitigating and responding to threats,” said Scott Nicholson, Co-CEO at Bridewell. “Manchester Airport Group takes these threats extremely seriously and we are proud to have helped them build a robust and resilient solution that will protect them from the ever-evolving range of cyber threats.”

Bridewell was one of the first organisations to be awarded accreditation on the Civil Aviation Authority’s ASSURE scheme, which aims to protect the UK aviation industry against the growing cyber threat. 

Bridewell is a Security Operations Centre (SOC) specialist helping businesses achieve their cyber security goals. Contact us to discuss your requirements.

With extensive experience in delivering large-scale transformational projects in highly regulated environments, Bridewell enables organisations to drive strategic change securely, providing a full breadth of end-to-end cyber security services. Its expert team comprises of a diverse range of highly skilled consultants, supported by industry leading technology, deep technical expertise, accredited methodologies and a client-centric business driven approach.

Bridewell delivers a vast number of services across critical national infrastructure, aviation, financial services, government and oil and gas.  The company hold a number of industry accreditations including NCSC, CREST, ASSURE, IASME Consortium, Cyber Essentials Plus, ISO27001, ISO9001 and are PCI DSS QSA Company.