*Reassuringly dull cyber security e: info@normcyber.comt: +44 (0) 203 855 6215

Case Study: Montreal Associates


Montreal Associates; an IT recruitment consultancy with offices throughout Europe, chose Norm’s comprehensive Cyber Security as a Service (CSaaS) offering, to ensure the confidentiality of client and candidate data with managed protection 24/7/365.

The Challenge
The UK recruitment industry is heavily regulated, and recruiters are bound by law to meet certain standards. Given the nature of recruitment, the handling of both sensitive category client and candidate data is the norm and as a member of APSCo, Montreal Associates must also adhere to their Code of Conduct, which goes beyond the statutory rules.

With the arrival of GDPR legislation and the ever-increasing demands from its blue-chip customer base to adhere to the highest possible security standards; MA needed to identify a data and Cyber security solution which was comprehensive, easy to manage and affordable.

“The challenge was to find one provider that had the breadth of capabilities and expertise to not only provide recommendations and/or point products, but to deliver an overarching service. We were familiar and comfortable with the concept of outsourcing non-core activities, but this was an area of critical importance that wasn’t being addressed properly” explained Rob Elisha, ITC & CRM Manager at MA.

After a review of the offerings available in the market – and having already discounted expensive and complex point solutions – MA engaged norm. to deploy their CSaaS offering, which combines a best-in-class technology platform with on-going advice around data protection and ensuring compliance with GDPR.

 David Perez, CEO of norm. believes the problems faced by Montreal Associates weren’t unique. “It’s common challenge we see in many mid-market companies that take data and system security seriously. Our CSaaS solution offers a service built round our customers’ needs and incorporating their existing security technology; that works and is affordable. It gives peace of mind and allows them to retain control and visibility – all for a single monthly fee.”

“We’ve also partnered with norm. for data protection services (DPO as a Service), which allows us rapid access to expert knowledge in the area of GDPR and compliance from their lawyer-led team who have more than 30 years’ experience. We get best in class advice and support – more than we could ever have achieved by resourcing in-house – saving us both time and money” Rob added.

Meanwhile, the UK based 24/7/365 Security Operations Centre has meant that threats to MA’s network are being picked up, managed and resolved quicker than they would have been historically. “norm’s penetration testing layer, along with the suite of CSaaS modules has enabled us to exceed all our audit requirements for our major clients” explained Rob.


About Montreal Associates
Montreal Associates was established in 1978 to address the skills gap in enterprise information technology, supporting businesses to find the best talent to shape their IT systems.

MA are a trusted recruitment partner to many of the leading technology companies with offices in the top European Tech cities, serving the global market.

Appointing NormCyber as our virtual DPO has given Ferrero the best of both worlds – access to data protection experts who understand what we stand for as a business, without the hefty overheads usually associated with appointing an in-house DPO.

Harpreet Thandi
Regional Counsel, UK & Ireland, Ferrero

We were looking for a virtual DPO service that offered all of the benefits of a fully qualified data protection lawyer, without the overheads of an in-house hire. The DPaaS solution from norm. has been invaluable in helping us to ensure we respect the integrity of our customers’ personal information, while using it to continue to deliver differentiated products and services which support our growing customer base.

Mike Whitfield, Compliance Manager

CSaaS allows me to step away from multi-vendor management as the Security Operations Centre coordinates all of the technology for me.

David Vincent, CTO

We were in the market for an independent Data Protection Officer service that was well versed with both UK and EU regulators. We’re thrilled to have acquired this service knowing that an expert is available 24/7.

Suzanne McCabe, Head of Project Management
James Hambro & Partners

Norm’s penetration testing layer, along with the suite of CSaaS modules has enabled MA to exceed all its audit requirements for its major clients.

Rob Elisha, ICT and CRM Manager
Montreal Associates

The speed of your Data Protection Officer’s response was very impressive – it was far quicker than I would have expected even from an in-house DPO

Will Blake, Director of Technology and Analytics
CRU Group