Case study · Travel, luxury travel & experiences

Black Tomato Group: stronger security and a leaner stack, at lower cost

A luxury travel group wanted to raise its security posture while optimising spend. We consolidated overlapping tools, ran a pen test, and deployed unified endpoint management, managing every vendor conversation for them.

Sector
Travel, luxury travel & experiences
Size
Luxury travel group
Trigger
Enhancing security posture while consolidating tools and optimising cost
Outcome
Consolidated multiple security solutions, deployed Unified Endpoint Management, penetration-tested, DMARC in progress, with reduced admin overhead and optimised IT spend

01

Opening

What was actually happening

Black Tomato is a leading provider of luxury travel and experiences. Operating in a sector where reputation and client trust are everything, the group had an immediate need to enhance its security posture, but it wanted to do so while optimising overall costs, not simply adding more tools to the bill.

That combination, stronger security and a leaner, better-value stack, is exactly the kind of brief our vendor-agnostic model is built for.

02

What we did

The work, in the order it happened

Black Tomato first engaged us in May 2021 for an initial consultancy call to set out their specific situation and security requirements. We took the time to understand the business and its core objectives before recommending anything, and from that built a systematic roadmap of priorities.

We evaluated several penetration testing options and identified the provider that was the best fit for Black Tomato’s timeframe, budget and testing requirements, rather than defaulting to a single name. We then introduced a Unified Endpoint Management system to close the gaps the group had previously been exposed to, consolidating overlapping tools in the process.

At every stage we managed and facilitated the communications between Black Tomato and the vendors, freeing up valuable time and resource for their IT team. As part of the roadmap, we are supporting them with DMARC to prevent exact-domain spoofing attacks.

03

What we delivered

Specific outputs

  • A systematic security roadmap built around the group’s objectives and budget
  • A penetration test delivered by the best-fit provider for their requirements
  • A Unified Endpoint Management system deployed to close prior exposure
  • Consolidation of multiple overlapping security solutions
  • All vendor communications managed end-to-end on the IT team’s behalf
  • DMARC configuration in progress against exact-domain spoofing

04

What changed

For the client

By consolidating multiple security solutions and reducing silos, Black Tomato raised its overall security posture while optimising spend and cutting the management admin its team had to carry. The group has a clearer, better-value stack, and a partner accountable for it.

Following the initial penetration test, we continue to provide ongoing support and consultancy, using a Cyber Resilience Assessment to keep supporting Black Tomato’s IT security objectives as they evolve.

By consolidating security solutions, working with Threat Protect has enabled us to optimise our overall IT spend whilst significantly reducing the management admin involved. I have full trust that any solutions that Threat Protect put forward are in the best interests of the company and our security needs.
Sayed Farouk, Head of IT, Black Tomato Group

If you are in a similar situation

Bring the questionnaire. Or the alert. Or the question.

A 30-minute call with a senior advisor. We will tell you whether what we did for the Travel, luxury travel & experiences above would translate to your situation, and what the next steps would be.

Book a call

Used once to reply, never added to a list. No nurture sequence.