Two people sharing a desk one looking out an office window

BlueVoyant delivers a unified security approach in record time with Microsoft solutions

From their supportive, no-cost security assessment to super swift deployment and tailored point of view, BlueVoyant's industry expertise matches their commitment to service.

December 19, 2024

In today's digital landscape, businesses increasingly rely on data and technology to drive value, making cybersecurity a top concern—and rightly so. The United States Agency for International Development estimated that the global cost of cybercrime would reach $8 trillion in 2023, with projections soaring to nearly $24 trillion by 2027.

Businesses—especially enterprise-level organizations—face severe repercussions for data breaches, including class action lawsuits, federal antitrust claims, and FCC probes, not to mention millions of dollars in losses. The theft of sensitive information also poses broad risks to national security and state operations. It's clear: strong cybersecurity isn't just a technical requirement, it's an organizational imperative.

Against this backdrop, cybersecurity firm BlueVoyant stands out as a formidable player in digital security. Winner of the 2024 Microsoft Partner of the Year Award in the Security category, the organization specializes in facilitating the deployment and management of Microsoft solutions. "The real challenge in cybersecurity isn’t just finding threats—it’s knowing how to make protection cost-effective, scalable, and manageable," said Holly Steele, Senior Vice President, UK and EMEA at BlueVoyant.

With a strong emphasis on visibility and proactive defense, BlueVoyant uses AI and other advanced technologies—including Microsoft Defender for Endpoint, Microsoft Sentinel, and Microsoft Entra ID Protection, alongside expert insights—to enhance their customers' security postures. Steele explained that BlueVoyant and Microsoft deliver "security that integrates seamlessly into the business, from deployment through daily operations." Their services include managed detection and response, vulnerability management, and risk assessment. Every day, BlueVoyant processes more than five petabytes of security data—or the equivalent of 2.5 trillion pages of text—to detect malicious activities and help protect their customers.

A security posture in need of transformation

One customer who has benefited from BlueVoyant's services is the London-based professional services and insurance company Willis Tower Watson (WTW). The expanded brokerage firm has been dedicated to business resilience, workforce motivation, and risk mitigation since 2016—and WTW's clients expect nothing short of excellence. With operations in about 120 countries, WTW maintains a sizable estate: 55,000 workstation devices and more than 300 subscriptions in their major tenant. As such, even a minor security mishap could lead to catastrophic consequences.

In late 2022, WTW was facing internal and external security challenges from using multiple disparate security solutions, which led to inflated licensing costs, divided the small security team's focus across various technologies, and caused duplication of security data. This complexity not only increased overall security expenses but also raised concerns about the team's ability to respond quickly and efficiently in the event of a cyberattack. Paul Haywood, Group Chief Information Security Officer at WTW, determined that WTW needed a unified, end-to-end security posture. "Our strategy is to grow, simplify, and transform," he said. "We need a threat-led, agile security team." That's where BlueVoyant came in.

Thankfully, WTW had migrated about 90% of their technology, estate, and application footprint to Microsoft Azure prior to Haywood joining. "Our Azure adoption reduced the complexity of managing and running our applications," said Haywood. "That cloud transformation gives us more and better controls, as well as a smarter way to use resources."

Even though WTW had the Microsoft 365 E5 suite, according to Adam Holt, BlueVoyant's Vice President of Sales Engineering, UK and EMEA, they hadn't fully deployed its security toolset. “We helped them maximize their existing license to better cover their threats," he said. "In addition, BlueVoyant used Microsoft to modernize WTW’s security operations." They replaced WTW's costly security information and event management (SIEM) system with a more efficient, managed XDR and SIEM service. "All of this accelerated their time to value,” Holt added.

WTW isn't the only organization that risks leaving value on the table by not fully realizing the power of their Microsoft investment. Steele revealed that “many customers are paying for a Microsoft E5 license and underusing the security tools included. By working with BlueVoyant, WTW was also able to reduce total cost of ownership."

A person smiling and looking up at someone

“The real challenge in cybersecurity isn’t just finding threats—it’s knowing how to make protection cost-effective, scalable, and manageable.”

—Holly Steele, Senior Vice President, UK and EMEA, BlueVoyant

A modernized security operation

By activating Microsoft 365 E5 security solutions—such as Entra ID, Microsoft Purview, and Microsoft Azure—BlueVoyant helped WTW expand their security coverage. "Rolling out Defender for Cloud across all of our workloads and subscriptions and coordinating it with Sentinel gives us full-scale XDR capability … throughout the estate," said Haywood. And thanks to WTW's existing Microsoft investment, BlueVoyant secured 76,000 endpoints.

According to Holt, "By moving them to Sentinel, BlueVoyant was able to reduce the potential operational risk WTW was experiencing from their previous SIEM, operationalize their Microsoft security tools, and educate on how to best use Microsoft Sentinel and XDR." Holt also called the co-managed environment that BlueVoyant provides, including a continual content engineer, "a distinct advantage.”

BlueVoyant aimed to deliver these solutions and results quickly because "WTW had a shorter than typical time frame to upgrade their cybersecurity solutions and move off the incumbent SIEM provider," Steele said. "In addition, WTW needed everything mapped to the Mitre Att&ck Framework." With BlueVoyant’s extensive Microsoft onboarding experience and expertise in frameworks and regulations, this deadline was not a challenge. "BlueVoyant regularly quickly onboards new clients so they can maximize their existing Microsoft Security investments," Steele said. In short, the team at BlueVoyant understood the urgency of WTW's security challenges and worked hand-in-hand with the organization to accomplish their goals.

A person working on a laptop at a standing desk

“By moving them to Sentinel, BlueVoyant was able to … operationalize their Microsoft security tools and educate on how to best use Microsoft Sentinel and XDR.”

—Adam Holt, Vice President of Sales Engineering, UK and EMEA, BlueVoyant

A powerful example of business symbiosis

In just 60 days, the entire transformation was completed, a remarkable feat in the world of cybersecurity, and one that speaks volumes about the dedication and expertise that BlueVoyant brings to the table. The financial impact was equally significant, with estimated cost savings in the millions. This optimization not only enhanced WTW's security posture but also fostered better resource allocation across the organization. Plus, it accelerated time to value—an essential metric for new customers.

"We reduced the data going into our SIEM from almost 15 terabytes of data to less than 3 terabytes, saving about 5 to 6 million dollars a year in our telemetry and monitoring ecosystem," explained Haywood. Moreover, thanks to BlueVoyant's guidance, WTW expanded their adoption of Azure for both security and core business functions, positioning them for continued transformation in the future.

Holt summarized BlueVoyant's work with WTW: "Our ability to work on a global scale provided WTW with the practical and operational expertise required for their unique situation to provide better security outcomes."

In a world where cyberthreats loom large, the right security partner can make all the difference. For those considering a cybersecurity transformation, the journey of BlueVoyant and WTW underscores the value of aligning with an industry leader who understands the intricacies of modern security. With their Microsoft expertise and positive response from customers, BlueVoyant will continue evolving and innovating the digital landscape.

Explore more Partner Success stories

Discover how organizations like yours are using Microsoft technology to help customers solve challenges, drive results, and scale their businesses.

Browse all stories

This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.