Security Operations

Agio & Respond Software Partner to Deliver Enhanced Security Monitoring

Dan Lamorena
by Dan Lamorena
category Security Operations
tags cybersecurity

Alternative asset management firms face outsized information security risks—the perils that come with handling financial transactions in which millions of dollars can change hands in a single wire transfer. As a hybrid Managed IT and Cybersecurity provider to hedge funds and private equity firms, it’s not uncommon for Agio to see clients with 50 employees managing several billion dollars’ worth of assets. It goes without saying, these are highly coveted by attackers.

Business email compromise, front-running (in which attackers capitalize on illicitly acquired information to buy up options or securities in advance of an event they know will increase their price), and redirection of transferred funds are just a few of the strategies attackers commonly employ when targeting the alternative investment space. And maintaining impregnable defenses is a tall order, especially for companies this size and so specialized that they rely on a third-party service provider—like Agio—to serve as their entire IT and Cybersecurity departments.

Agio’s partnership with Respond Software means the firm will incorporate the Respond Analyst into its Managed Detection and Response (MDR) services suite. “In essence, the Respond Analyst allows us to accomplish things that were simply impossible before,” says Schawacker. The sheer volume of security data that organizations create and ingest on a daily basis is simply too great for human analysts to monitor accurately and consistently. With the Respond Analyst onboard their security monitoring team, Agio will be able to offer its clients a level of risk reduction that’s unrivaled in their industry.

Working together to change the name of the game in Security Operations

“When we relied on the traditional approach to security monitoring, we were only as good as the capacity of our human analysts,” explains Peter Schawacker, Managing Director of Cybersecurity Operations at Agio. “With a conventional multilayered SOC, where the triage is done by humans, most of what gets detected is found only after the attacker has achieved their objective. The longer an attacker is entrenched, the easier it is to find them—but usually, by then the damage has been done.”

To Schawacker, the Respond Analyst represents a novel approach to a problem that’s centuries-old: the inherent limitations of human short-term memory. “The techniques for detecting attacks that the software relies upon are just like those employed by expert humans,” he says. “The difference is that a human can remember five items, plus or minus two, at a time. So when analysts rely on working memory supplemented with note-taking, threat intelligence feeds, and ever-improving tooling, their performance is limited by two things: how much individual analysts can see over the course of their shifts, and how much of it they can remember. By contrast, the Respond Analyst’s intelligent automated decision engine has a virtually limitless recall capacity.”

Intelligent automation sets Agio light-years ahead

“The Respond Analyst is the kind of cutting-edge technology that will allow us to leapfrog over the competition,” says Schawacker. “We’ve been in production for several weeks, and we’ve already achieved things we couldn’t do with a SIEM.” From the time the Respond Analyst was first implemented in a proof-of-concept pilot program until now, it has already detected about a half dozen attackers and the presence of malware,” explains Schawacker.

In addition, the Agio team hopes to reduce the amount of time that elapses between the detection of the initial indicators of an attack and that event’s full triage and postmortem analysis. Right now, it can take a few hours—still much faster than the industry average. But working with the Respond Analyst alongside a newly-implemented SOAR solution, Schawacker plans to bring that down to minutes and, eventually, even seconds.

Taken together, these technology investments will give Agio, already an industry leader, an unrivaled capacity to support and protect its customers. These include some of the most prestigious—and high-value—alternative investment firms in the world. Agio and Respond Software’s partnership will enhance the security of many organizations that make extremely attractive targets to criminals and represents a major step forward for those committed to their defense.

Learn More

To learn more about how many organizations across industries ranging from financial services to higher education and the nonprofit sector are putting the Respond Analyst to work in SecOps programs that are making major advances in the war against cybercrime, check out our customer stories.

Check out Agio's press release.