Northern Gas Networks (NGN) is one of the UK’s gas distribution companies and delivers gas to 2.7 million homes and businesses in the North East of England, Northern Cumbria and much of Yorkshire. Over the next few years, NGN is committed to replacing old gas mains with over 3,800 kilometres of modern pipelines to update the region’s gas network and meet future sustainability objectives.
To increase the cyber maturity that supports large-scale transformation projects, NGN understood the importance of working to improve its detection and response capabilities. Digital connectivity plays a major role in the future of NGN’s operational technologies within their pipeline network, and they recognised the importance of securing it appropriately by working with a suitable cyber security partner.
Before working with Bridewell, NGN already had solutions in-house to aggregate security data, but this wasn’t being effectively utilised or continuously developed and didn’t have the necessary capabilities to monitor their entire converging IT/ OT estate. In parallel to this, NGN had developed their technology strategy and was in the process of moving elements of its enterprise IT to a Microsoft-based technology platform. Whilst they were already making some use of their E5 licenses, they needed a partner who could help them fully realise the commercial and technological benefits of their licensing and how this could be aligned with their overall business and cyber security strategy.
To truly modernise its cyber security strategy, NGN was also aware of the value of a threat-intelligence-led approach that would incorporate Bridewell’s intelligence and insights into relevant threat actors to drive detection and response. For NGN, this created a specific set of requirements. They needed a threat intelligence-led partner who could continually mature their detection and response capabilities, had significant experience within the utilities sector and operational technology and had a strong understanding of Microsoft solutions and regulatory requirements set out in the NIS Regulations.
To find the right partner, NGN issued a Request for Proposal (RFP) seeking proposals from leading cyber security service providers. Of the seven suppliers who responded, NGN chose Bridewell as they were impressed with their Managed Detection and Response (MDR) service. Underpinned by a modern approach to threat hunting and threat intelligence, Bridewell’s service aligned with NGN’s requirements by focusing on remediating threats rather than just identifying them.
Bridewell’s experience in protecting OT environments, within the utilities sector and beyond, and status as a CREST accredited NCSC Assured Partner and Microsoft Gold Partner with advanced specialisations and member of MISA (Microsoft Intelligent Security Association) also aligned with their selection criteria.
Working alongside a number of NGN’s in-house teams - ranging from IT, infrastructure and OT ngineering – Bridewell delivered their MDR service. The service was built upon Extended Detection and Response (XDR) technology and incorporated Bridewell’s threat intelligence capabilities throughout. One of the service’s key features was vulnerability management. Bridewell implemented a risk-based model that helps NGN drive improvements in how they respond to vulnerabilities.
"We were very pleased that Bridewell brought the project in on time and within budget."
After signature, but ahead of the contract start date, Bridewell’s cyber threat intelligence team identified the potential for war in Ukraine to increase risk for natural gas providers. Accordingly, Bridewell offered to start the service early, before the contractually agreed start date, to ensure that NGN was protected in the shortest time possible. Within 24 hours, Bridewell deployed the Microsoft Sentinel SIEM, connecting available data sources and turned on their security monitoring service that encompassed their entire IT estate.
These capabilities were advanced throughout the rest of the project as NGN’s wider IT technology, security vendors and operational technology were incorporated into the service. Having completed the onboarding process, NGN now have extensive detection and response capabilities that give them a complete view of their organisation as well as the ability to remediate any threats or vulnerabilities that may arise.
Beyond maturing their cyber security posture, Bridewell’s MDR service has supported their business objectives to date and has played a role in enabling future transformation projects. Delivering a secure, safe and reliable network that is monitored 24x7, which benefits both NGN and it’s customers, is a key deliverable to support it’s transition to whatever the future holds for the energy sector.
"Bridewell's technical subject matter experts are some of the best we've ever worked with. We've recommended them to other utilities providers in the UK and Group Companies."
In the future, NGN will continue working with Bridewell to widen their technology visibility even further and complement security architecture in support of upcoming technical projects.