Channel 4 is saving the organisation’s security department thousands each year after partnering with Invicti Security™ to gain complete visibility into its web assets.
As part of protecting the information it collects, in line with regulations such as the EU Update to General Data Protection Regulation (GDPR), Channel 4 needs to secure vast amounts of information, including the data of 24 million All 4 subscribers, as well as staff details, and all of its intellectual property and be able to demonstrate that this data is safe and secure.
As a large organisation with thousands of web assets, security was previously a complex and expensive task, involving numerous penetration tests with multiple third parties, costing significant sums to the business.
“We would perform a penetration test and after getting the results, we’d have to fix the issue and then pay for another penetration test,” said Channel 4 CISO Brian Brackenborough. “That could be quite a cycle depending on how complicated the particular project was.”
Channel 4 now uses Invicti to gain visibility into whether websites are collecting personally identifiable information (PII). It can then perform vulnerability scans and penetration tests on those websites.
The efficiency gains and cost savings are clear: Partnering with Invicti saved Channel 4 thousands in the first year alone. “The budget, which we were spending every year on penetration testing, decreased approximately 60%. The following year, it decreased close to 80%,” Brackenborough said.
Using Invicti, Channel 4 can now start performing automated and continuous penetration tests or vulnerability scans against systems at certain milestones of a project to make sure it stays on track. It allows Channel 4 to catch any issues early on in the process, prioritising vulnerabilities that put the organisation at risk so it can fix them with less manual effort. “That makes our lives a lot easier and allows us to ensure we are delivering projects on budget and on time,” Brackenborough said.