Bunzl stays one step ahead with acquisitions and cyber security

Bunzl is a Global Distribution company with operations in 31 countries from over 150 facilities. Bunzl provides their customers with essential items necessary to successfully operate their businesses. They service many sectors including Healthcare, Cleaning & Hygiene, Facilities Management, Hospitality, Safety and Emergency Services. Acquisitions are a key pillar of their overall business strategy, with the global team always on the look-out for bolt-on acquisitions that extend their existing offering.

Yet, as any growth-focused business leader would attest, acquisitions can expose companies to new risks. In fact, 62% of companies face significant cyber security risks by acquiring new companies, and say that cyber risk is their biggest concern post-acquisition.

This risk, compounded by the ever-growing threat of cyber attack, recently prompted Bunzl’s global IT team to rethink its security standards, and subsequently ensure alignment and compliance across each of the geographies comprising the Group. In Australia, the local team turned to Peloton to help achieve this and reduce overall risk.

The Issue

Meeting new global security standards

“While each of our regions operates autonomously, there’s one thing we’re all aligned on—and that’s cyber security and compliance,” said Therese Chakour-West, Bunzl Australasia’s Chief Information Officer. Bunzl takes cyber security very seriously, and wanted the best help in implementing the new set of IT security standards across the region.

It soon became apparent that Peloton was the right team for the job. As Darrien Bryce, Bunzl’s Cyber Security Operations Manager said,

“It was clear from the outset that the Peloton team would roll up their sleeves and invest real time in helping us—not only to solve this compliance piece, but also to identify and address other cyber security gaps and opportunities.

“And that’s exactly what they’ve done. They’ve helped with everything from endpoint detection to vulnerability management. Risk assessments for different business units. And so much more.”

The Solution

A holistic approach to cyber security

“When we start working with a new customer like Bunzl, we take a step back and have a really good look at their whole environment. Yes, we knew they needed to tick certain boxes to meet this compliance deadline, but we also knew that they needed help in reducing risk across the business,” said Peloton’s CEO, Scott McKean.

The Bunzl team agreed. Now, with Peloton’s help, Bunzl has implemented a rich array of security strategies to enhance its cyber security maturity and reduce overall risk. Key tactics include the deployment of Microsoft Azure Sentinel, Defender for Endpoint and Servers, a managed detection and response capability, vulnerability management for internal and external scans of the network and infrastructure, and a complete risk assessment of different business units.

Peloton also steps up whenever an acquisition is on the cards. Performing a complete cyber security assessment on a target business helps Bunzl identify and address any known risks before each business is acquired, and delivers a competitive advantage by potentially fast-tracking deals and decreasing time to realise synergies from integration. “As an organisation, we’re growing very rapidly. We need to be able to ensure that we can protect all of our businesses, and bring new businesses up to that baseline before we integrate them onto our network,” Chakour-West said.

The Results

Cost savings are just the beginning

Since partnering with Peloton, Bunzl has realised licencing cost savings thanks to more streamlined use of cyber security tools. “These cost savings are great, of course. But the real results are around how secure we have become. Our cyber security maturity has been greatly enhanced—this is a huge achievement for less than six months of work,” said Chakour-West.

“And we now have a clear plan on how we can continue to improve on this position over time. Importantly, we can also demonstrate to the board how much we’ve reduced risk in financial terms while also meeting our compliance needs. This speaks their language.”

As well as delivering demonstrable results that reduce risk, Peloton is also helping Bunzl build and strengthen a security-focused culture, which is critical given the frequency and scale of cyber attacks today. “We’re a lean IT team—Peloton has shown us how they can become a true partner. They know our environment. They know how we operate as a team. Scott recently ran an ‘Ask us Anything’ session, where no question was a silly question, and we had a great turnout. We really appreciate that extra personalised touch,” said Chakour-West.

“They’re always at the other end of the phone if we need them. Most importantly, they’re here to help us stay one step ahead in this ever-changing, fast-paced cyber landscape.”