Drinking water-only company, SES Water, has appointed Zero Trust Secure Access Service Edge (SASE) vendor, iboss as part of its five-year, £413.9m strategic business development and investment plan.
SES Water supplies drinking water to over 750,000 people across Surrey, Kent and South London. The supplier, which was purchased by FTSE 250 company, Pennon, for £380 million earlier this year, employs 400 staff across the UK, maintaining over 2,000 miles of water mains, eight treatment works, 23 pumping stations, and 31 operational service reservoirs and water towers.
Every five years, utility and water companies submit five-year strategic business plans to the industry regulator, Ofwat, setting out their programmes of activity to deliver improved services to customers, as well as reducing their impact on the environment and wider communities.
SES Water has earmarked £413.9m for its operations and development between 2025 and 2030, as well as supporting additional projects like the company’s smart metering programme and the refurbishment of one of its water softening plants.
As part of the company’s long-term investment strategy, SES Water has also begun working with iboss to improve its security posture. Initially providing a web proxy, iboss’ implementation now manages all of the water supplier’s web filtering, enabling the organisation to block all forms of malicious material, including domains, images, or even certain words, as well as blocking malware, ransomware and regions.
As a Critical National Infrastructure (CNI) organisation, SES Water must address unique security related regulatory measures such as the CAF (Cyber Assessment Framework). According to the UK government, the UK is the third most targeted country in the world for cyber-attacks, after the U.S. and Ukraine. The government’s National Cyber Strategy 2022 and the Cyber Security Strategy 2022-2030 both recognised cyber threats to UK CNI as “an area of particular concern”.
SES Water has laid out a zero-trust roadmap, supported by specialists, iboss, with the goal of implementing Zero Trust Network Access (ZTNA) across all its digital infrastructure which, Matt Crockford, Head of Cyber Security at SES Water, said: “will give all employees ‘least privilege’ so users can only access the information they need and we can always authenticate them before they access any assets, data or programs.
Matt continues: “After speaking with the iboss team and explaining our challenges and the outcomes we wanted to achieve, we not only felt that the synergy was good, but we also got a sense that their solutions were exactly what we were looking for to address our needs, and at a fraction of the price of other vendors. When we decided to make them our security partner, we knew we’d made the right choice.”
Iboss’ solution also supports the mental health and wellbeing of SES Water’s staff by monitoring users’ web activity, flagging any concerning behaviour from staff, and allowing the company’s team to carry out critical welfare checks on those individuals.
Matt Crockford continues: “At SES Water the mental health of our team is hugely important. Although this is something which most people might not associate with a cybersecurity solution or vendor, it’s an area which iboss really excels in. As our digital footprint continues to grow, we understand that the likelihood of us being targeted by threat actors is increasing too. After a simple rollout, having a solution in place which gives us that extra layer of protection and peace of mind is very important for us. This is what iboss provides.”
Simon Eappariello, Senior Vice President, EMEIA & APJ at iboss, adds: “With SES Water being a Critical National Infrastructure organisation, it is key that the company has effective and efficient cybersecurity measures in place. As it begins to implement its plan for the next five years, the water supplier is going to need strong network security as a foundation for all of the upcoming development.
“By enabling the digital transformation of SES Water, we’re not only potentially blocking millions of threats a year, improving their security posture, but we’re enabling them to securely move data and applications to the cloud to support hybrid working whilst giving them the flexibility to employ talent nationally to their growing team. When the company rolls out Zero Trust Network Access across its entire environment, SES will have an incredible level of security.”