Taylor Rose Law was founded in 2009, bringing a fresh and distinctive commercial and client satisfaction focus to law. A Top 60 law firm, Taylor Rose is extremely proud of its 100-year plus heritage and the successful mergers it has undertaken to deliver its strategy to become a leading law firm in England and Wales. With a proud heritage and a unique management structure unlike any other law firm, the firm's philosophy is to deliver smart, modern law.
Adrian Thompson is the former Chief Security Officer for Taylor Rose and former head of IT and InfoSec. Reporting directly to the Taylor Rose CIO, Thompson worked for the law firm for over nine years. Thompson and his colleague Craig Jackson, Information Security Engineer at Taylor Rose, connected with Rapid7 in late summer 2023 to discuss their cybersecurity journey with Rapid7.
Upon accepting the role of CSO, Thompson discovered some “glaring holes” in Taylor Roses’ security posture and determined that existing processes were too cumbersome and inefficient for his liking. Thompson, with the bird’s eye view of their security posture, and Jackson, who managed day-to-day operations, knew that Taylor Rose needed a solution that enhanced visibility while simultaneously simplifying workflows.
Enter Rapid7. Thompson immediately realized that with Rapid7’s XDR and SIEM platform InsightIDR, as well as the partnership and service offered through MDR, his team could become proactive instead of reactive, as well as efficient rather than disorganized.
“We were able to quickly and easily investigate and had all the tools and data and everything we needed in one place,” Thompson recalled. “Before, we would have to go into five or six different consoles to try and piece together what was happening. That obviously was hindering our threat response, because we were responding slowly to whatever was occurring.”
Fast-forward to today. Thompson says his team is still efficient and thriving thanks to InsightIDR. In fact, they’re up for the Information Security Team of the Year Award at the upcoming British Legal Technology Awards.
“Our team is 100 % more efficient now than pre-Rapid7 – and that’s not an exaggeration!” he chuckled. “The time to address an incident has gone from hours to under an hour. We’re lightyears ahead of where we were at before InsightIDR and MDR. Without them, we would need a much larger team.”
Rapid7's MDR is built on InsightIDR—Rapid7's leading SIEM and XDR platform—which gives MDR customers not only an extended team comprised of elite SOC analysts, but the ability to be hands-on with InsightIDR as well. Thompson largely credits the new-found efficiency to the resulting ease of use, including a low barrier to entry in terms of languages and the interface.
“With some other products, you need to be really proficient in query writing and that sort of thing,” Jackson divulged. “If you’re not so experienced in that bit, you’re probably having to scroll through loads of lines of code that you might not understand or you might not need, or that might not even be relevant to you.”
In contrast, continued Jackson, Rapid7’s MDR team filters all of the “noise” down to the most important information. “You know straight away where to investigate and how to start your investigation,” he explained.
Thompson then interjected to beam about Rapid7’s MDR coverage. “It pulls information from everywhere,” he concurred. “You get all that information in one place. It covers firewalls and everything, the coverage is complete.”
One of Thompson’s favorite aspects of Rapid7 is the Monthly Threat Hunt, which Rapid7 sends to customers to keep them apprised of the most pressing emerging threats across the cyber landscape.
“For instance, with this recent MOVEit vulnerability that’s out there, Rapid7’s SOC conducted a threat assessment within our environment to make sure that we’re not vulnerable to it,” shared Thompson. “Things like that are absolutely priceless, because otherwise, our staff are going to be spending days trying to work out where the issue is. It really helps me with my board reports, because I can confidently say that we’re responding to any new threats or vulnerabilities efficiently. We’re on top of them.”
There’s another key ingredient to the successful partnership of Rapid7 and Taylor Rose. Jackson waxed poetic about his relationship with not only his customer advisor and SOC analysts, but the Rapid7 community at-large.
“The service is fantastic. We just had our monthly review call today with our dedicated security specialist, the communication is constant. Not only that, Rapid7 does a hell of a lot of events and webinars, and you feel like you’re part of the team. I don’t know how many events I’ve been to. I started listening to the Rapid7 podcast earlier today!” he said.
“It’s a broad community and great people. We’ve met people from all the way throughout the business and they’re all absolutely great to get on with.”
According to Jackson, anyone who is new to Rapid7 need not be shy. He also highly recommends taking advantage of Rapid7’s “brilliant” documentation and support.
“The documentation is so comprehensive. It’s really simple to follow, really helpful, and you can’t go wrong,” he advised. “Reach out to your customer advisor, because honestly, they’re brilliant. They’ll get on it really quickly. Even if it’s something that might be slightly out of scope. Not only will they do it, they’ll show you how to do it yourself as well. If you do those two things, then you’ll absolutely have a really good experience with Rapid7.”