Case Study

Smart Pension

What we did for Smart Pension

Industry: Finance

Published: 03/02/2026

Project Overview

Smart Pension wanted to improve the efficiency of their security operations. They wanted support to reduce costs, prioritise threats, and reduce manual processes in the management of complex data. With the business expanding and teams evolving, change was essential. Searching for a dependable solution with 24/7/365 monitoring, Smart Pension turned to SEP2 after a recommendation from Google. From this, they adopted SEP2’s Wingman XDR (Extended Detection and Response) service – a combination of MDR (Managed Detection and Response) and EDR (Endpoint Detection and Response) – to deliver comprehensive coverage and ease internal resource constraints.

The Challenge

The team needed a more efficient workflow
They wanted to reduce manual processes, especially for analysts
They were looking for greater value for money, with enhanced service to expand data coverage and reduce error

The Solution

Following a rapid 14-day migration, SEP2 took over security operations, enabling the internal team to prioritise strategic and proactive initiatives including threat modelling, security simulations and in depth testing
SEP2’s experts helped to categorise and prioritise team resources on threats with the biggest impact
The partnership delivered quickly, within 3 months the team was ready to remove the prior system, and utilise SEP2’s full functionality

Who is Smart Pension

Smart's mission is to transform retirement, savings and financial wellbeing, across all generations, around the world. Smart Group delivers this across two brands - Keystone and Smart.

Keystone, Smart’s proprietary savings administration platform, supports large organisations, governments and financial institutions around the world to launch new products, scale and reduce administration time and effort. Smart Pension is one of the largest UK workplace pension providers, using the Keystone technology to manage pensions for millions of UK savers, and serves over 90,000 employers.

Why Smart Pension Chose SEP2

The decision to choose SEP2 followed a formal Request for Proposal (RFP) process involving multiple qualified providers. For Will Reddin, Cyber Security Manager at Smart, the final choice was driven by a combination of technical capability, service quality and actionable intelligence, all aimed at solving the operational challenges left by their previous provider.

When evaluating solutions, Will wanted a partner that could deliver broad coverage and high-quality analysis. The platform needed to secure cloud, endpoints and the entire technology stack, while accommodating edge-case legacy systems. Although Smart is primarily cloud and SaaS-focused, coverage for critical legacy scenarios remained essential. During the Proof of Concept (POC) phase, a major priority was the quality of actionable intelligence, moving beyond simple data collection.
Smart also needed a partner who could support the prioritisation of alerts through triage. Will explained: “We didn’t want somebody who was just going to ship alerts to us and ask us to look into them. We wanted them to do that kind of filtering out for us and then only allow us to escalate when there was something that they really thought we needed to look at.”

Timely response was another critical factor. By choosing SEP2, Smart secured a managed service that combined robust platform coverage with expert analyst triage, allowing their team to shift focus from firefighting to strategic security work.

Making the Switch to SEP2

The transition to SEP2’s Wingman XDR service was smooth, with the onboarding process for setting up the instance and configuring log sources completed faster than expected. Thanks to this seamless switch, Smart was able to overlap the new service with their previous provider, ensuring continuous coverage. Will noted: “Immediately we saw that we were getting so much more value from those alerts than we were from others.”

SEP2’s Wingman XDR service streamlined the security team’s operations and communication. Alerts were integrated directly into Jira and supported by instant Slack conversations, eliminating the need for email chains. This new dynamic made SEP2 feel like “an extension of our in-house security analyst team and our security operations centre.” Will praised the tailored approach, saying: “We have a partner who’s thinking about how we can improve these things. It just feels quite bespoke.”

Regular weekly catch-ups and dedicated tuning sessions reinforce this sense of partnership. For Smart, what stands out is the thought behind every escalation. When an alert reaches them, they know exactly why it matters. As Will put it: “Somebody’s actually had a think about it before it reaches us, and that really comes through.”

The Impact

SEP2 delivered richer intelligence that strengthened Smart’s security posture. Weekly threat reports and proactive threat hunting added an extra layer of assurance, complementing in-house efforts. This collaboration led to a significant increase in Indicators of Compromise (IoCs) being blocked and improved overall threat visibility. SEP2’s support also drove a substantial cost reduction for Smart’s MSSP and SIEM solution, enabling the team to achieve more with fewer resources.

Communication was another standout benefit. Will explained: “When we get escalations, we know exactly why they’ve been escalated and what the reasoning is. More importantly, we know somebody’s actually had a think about it before it reaches us, and that really comes through.”

SEP2 tailored detections to Smart’s environment, creating a truly bespoke experience. Will summed it up: “With SEP2, we get a partner who’s thinking about how we can improve these things, rather than just relying on us or giving out-of-the-box alerts that don’t quite work for us.”

The Stats

Despite experiencing a 60% surge in total case volume - reaching a new high of 200 cases in November - the SecOps team demonstrated exceptional operational stability and service value.

The service achieved a powerful 88.00% noise reduction rate, which effectively filtered the vast majority of alerts and ensured analysts could maintain a stable Customer Escalation Rate (12.00%), successfully preventing volume increase from impacting service quality. (Wingman Service Review Page 2)

SEP2 minimised customer disruption throughout the year. Out of 1,715 cases handled, our service successfully resolved 1,502 cases (87.58%) without requiring Smart involvement, ensuring smooth, uninterrupted security coverage.

Smart Pension’s Future with SEP2

Smart’s decision to partner with SEP2 was more than a technology upgrade; it marked a strategic shift. By adopting a managed service model, the organisation is now able to focus on proactive security initiatives that strengthen resilience and reduce risk.

With SEP2’s Wingman XDR service in place, Smart benefits from continuous monitoring, expert triage and actionable intelligence that scales with their evolving needs. This partnership is built on trust and collaboration, reinforced by regular tuning sessions and a shared commitment to improvement. Looking ahead, Smart plans to deepen this relationship, leveraging SEP2’s expertise for advanced threat modelling, red teaming and ongoing optimisation.

Testimonials

Hear From Those We Protect

We didn’t want somebody who was just going to ship alerts to us and ask us to look into them. We wanted them to do that kind of filtering out for us and then only allow us to escalate when there was something that they really thought we needed to look at.

Partnering with SEP2 has strengthened our ability to protect both our people and our customers. Their collaborative approach and technical expertise have allowed us to enhance our security posture while giving our internal teams the freedom to focus on innovation and strategic priorities.

We knew we couldn’t do it on our own. We didn’t have the time, and we wanted additional expertise to guide us through the process. If we tried to do it ourselves, we’d probably spend a lot of time and effort in the wrong areas.

Emails take time, people miss them even for small things, and you can end up waiting weeks for a response. Having support through channels like Slack makes a real difference. SEP2’s flexibility around how we communicate is something I really value.

During the evaluation process it was clear to me that SEP2 were the strongest candidate from a technical standpoint. During our first meeting, their ability to give immediate solutions to ongoing issues we were experiencing at the time was a breath of fresh air.

SEP2 are knowledgeable, motivated and switched on; they take ownership and they have a drive for resolution. They know their stuff! They are not merely a firewall partner, they are a cyber security partner. They take a strategic approach. They are approachable and offer additional value outside of their support contract. Working with SEP2 means we are no longer fire-fighting; rather we can now take a step back and proactively get things sorted. SEP2 say they are tech driven and people powered, and that’s exactly what they are! It all comes down to the people you are dealing with.

When we hit the limits of our knowledge, it’s having SEP2 there to say, ‘Try these things first.’ That expertise on hand is really important to us.

You’re vendor agnostic, which is key for growth, and your team are providing really good insights in terms of the alerts raised. They also provide meaningful context behind them, which is great for us as an organisation,”

To have people like that around our account that we can pick the phone up to and ask questions was refreshing. Ultimately, we trusted SEP2 and we trust you with our cyber security.

Often the term used is ‘you can’t see the wood for the trees’. Most organisations implement security tooling tools and you’ve got different dashboards. The idea is you put them into a single place, and leverage expert resource such as the SEP2 SOC that actually understands that data and work with it on a daily basis. They can assess it case-by-case and escalate it back to us at Funding Circle only when necessary. And that whole process has been really, really smooth.

They are phenomenal: both personable and very knowledgeable. Our main contact is like a fountain of knowledge. If you ask him a question, he always comes back with ten answers – all the shades of grey, not just a ‘Yes’ or ‘No.’ To me that shows the level of passion he has, and that he really wants to do things properly.

The original group of people who founded SEP2 were very deep in their knowledge of this type of technology, which can be complicated. It’s become the whole field of firewalls, intrusion prevention, antivirus, ransomware, etc. Cyber security as a whole has really ballooned, and there’s lots of dimensions to it, but you’ve managed to keep up.

They live and breathe the technology. It comes from the top, however, everyone is an expert within SEP2, from sales through to the service desk. We don’t want to wait to be told what more we can get from vendors’ products. SEP2 are great in pro-actively helping us achieve value-add solutions. They aren’t about chasing revenues, they are about providing best possible value.

Other Case Studies:

Personal Group

Read Case Study

Plum

Read Case Study

Sunbelt Rentals

Read Case Study