Customer Story

Greenhill Advises Global Finance Clients While Protecting Data With Leading Security

Greenhill is a global independent investment bank that advises corporations, partnerships, institutions and governments on matters that include financing, restructuring, raising capital, and mergers and acquisitions. From 17 offices on five continents, the firm uniquely focuses on client services versus investing, trading, underwriting or lending.

Greenhill’s team of managing directors averaging over 25 years’ experience provides seasoned insight to all major industries and markets. They have built a reputation for independence, discretion and providing unconflicted advice, particularly in cases of shareholder activism.

Greenhill has steadily and strategically grown its services and footprint since being founded in New York City in 1996. It remains mid-market in size, a factor that presents security challenges, according to CIO John Shaffer.

“It’s important to be prepared in an ever-changing threat landscape populated by threat actors plus staff who bring their own devices and connect them from home,” Shaffer explains. “That presents a major challenge for our team to ensure that our data remains our data, and to affirm our employees’ home networks do not become a bridge for getting into our corporate network.”

Greenhill met these challenges by aligning with a security company that provides industry-leading solutions. “Greenhill works very hard to maintain a solid defense-in-depth strategy, and build key strategic relationships with security partners such as CrowdStrike,” Shaffer says.

Early on, Greenhill witnessed significant business value with an estimated 75% reduction in alerts and cost savings of $300K per year. Greenhill leveraged CrowdStrike solutions for its detection and forensics capabilities, leading to additional security deployments including complete endpoint detection and response (EDR), managed services and consulting services.

“We probably rely on the Falcon platform more than anything else for our security,” Shaffer says. “We have it deployed globally and use it as our EDR and AV replacement.”

Greenhill Evolves Its Security to Stay Ahead of the Changing Threat Landscape

“At first, the lightweight single agent attracted us to CrowdStrike,” he says. “It was incredibly easy to implement and roll out globally. We were able to deploy agents and have the system running in an hour. And the agents continually update, which is fantastic. We are in a constant battle to keep our security updated and CrowdStrike is not one that we have to worry about.”

As the CrowdStrike Falcon® platform evolved to stay ahead of the threat landscape, Greenhill added extra capabilities including endpoint protection, next-gen antivirus and Falcon Firewall Management™.“CrowdStrike does a really good job of looking into the future and delivering solutions that our business needs,” he says.

The Falcon platform was built from the ground up rather than through acquisitions, a factor that has given Shaffer the confidence to trust CrowdStrike as “an extension of our security department.”

Greenhill Uses Managed Security Services to Extend Its Security Team

With the success of the Falcon platform and desire for a holistic security solution, Greenhill added Falcon Complete managed endpoint security, CrowdStrike’s comprehensive security program, to achieve this vision.

Falcon Complete adds a team of security experts that handle every aspect of CrowdStrike’s endpoint security technology for Greenhill. They assist with all security tasks, including deploying and managing the Falcon platform from the initial onboarding and configuration stages, to prevention health checks, maintenance and operations, incident triage, and hands-on remote remediation.

Adding managed services to our CrowdStrike deployment made it even more valuable,” Shaffer says. “Falcon Complete helped Greenhill to improve our security posture, shrink the time needed to respond to threats, and eliminate the need to reimage systems during remediation.
John Shaffer, CIO

Another benefit is the day-to-day guidance from CrowdStrike engineers. “The team has been incredibly responsive. Without that support we would be doing that on our own, with any tool, and it would be trial by fire.”

Gaining Executive Confidence Through Proactive Security Assessments

“There are many regulations for financial institutions,” Shaffer says. “In the European Union, for example, with the General Data Protection Regulation (GDPR), regulators are tightening down on what and whose data you can have and how you can ensure that it’s safe. We don’t protect medical records or personally identifiable information, but our data is our livelihood and we treat it just like we would treat any other personal data. We need to know that our data is not leaving our environment or that someone is not in there looking around.”

Because of that crucial need to maintain the strongest possible security, Shaffer selected CrowdStrike’s managed services team, rather than a Big Four accounting firm, to conduct Greenhill’s annual cyber maturity assessment.

“This delivered a really big win for us with leadership,” he says. “It was the first time our management was able to see CrowdStrike in action. They were really impressed with what the security team does behind the scenes and said it was the best report with an easy-to-consume security posture analysis. That was comforting for me, because I did stick my neck out a little and because I use CrowdStrike and believe in the product and services.”

Not only was the maturity assessment a testament to what Greenhill and CrowdStrike have been able to do together, Shaffer says, it showed the value of sharing that type of detailed information with executives. They’ve performed it quarterly ever since. Plus, Greenhill has also conducted a successful cybersecurity tabletop exercise to fulfill an auditing requirement.

“It’s important that we continue to work with the CrowdStrike Services team,” he says. “We don’t like to overload our leadership, but they want to see that we are being proactive on security.”

Remote Staff Work Safely, Seamlessly Thanks to Greenhill's Security Solution

Greenhill’s long-standing partnership with CrowdStrike enables the investment bank to spend less time on security and more time providing value to its end users.

Our needs are focused and targeted,” Shaffer explains. “We want to make sure our applications and laptops work and that we can conduct business remotely. All the behind-the-scenes security CrowdStrike does to make sure our environment is safe means we can spend time on projects that are more meaningful and more effective for our end users.
John Shaffer, CIO

“CrowdStrike’s technology and expertise have become a big part of Greenhill’s security strategy,” he continues. “In acting as an extension of our security team by providing resources and expertise we do not have internally, CrowdStrike has given us peace of mind we otherwise would not have.”