Inchcape Shipping Services has been moving ships around the world since 1847. Today that means 90,000 port calls a year, 3,000 people, 250+ offices across 60 countries. When something goes wrong with IT or security anywhere in that network, the ripple moves fast.
Lee Scott has been Head of Cyber Security there for the better part of a decade. He’s seen more security stacks than most, and he doesn’t measure them by the number of tools, he measures them by visibility.
The Stack That Didn't Talk
Inchcape’s security environment had grown organically over the years, which is another way of saying nobody had ever designed it. Vendors had been added as needs arose, contracts had accumulated, and what remained was a patchwork that looked like coverage on paper but functioned as something considerably less coherent in practice. Alerts arrived without context or guidance on what to do with them. Web filtering was unreliable, expensive, and created connectivity problems across a business that spanned 250 offices in 60 countries. There was no shared view across any of it.
For Lee, a security professional with two decades of experience across policing and global enterprise, the diagnosis was straightforward even if the solution wasn’t. He didn’t have a security stack, he had a collection of silos with gaps between them.
The Proof Of Concept That Turned Into Something Bigger
Lee found ThreatSpike through Transputec. The POC started with a single problem: web filtering. Inchcape had been using Bluecoat, which routed traffic through cloud-based proxies. In theory, that’s fine but in practice, staff in the Netherlands were hitting US-based gateways and local services – including Google – kept breaking. For a business running 90,000 port calls a year across 60 countries, a broken internet connection isn’t a minor inconvenience.
ThreatSpike solved it by filtering at the endpoint. Traffic never got backhauled to a distant server and connectivity held everywhere, regardless of geography. This made their standalone filtering contract become unnecessary.
What Lee hadn’t expected was what the POC revealed beyond the filtering problem. Sitting alongside it was an entire fragmented stack: Symantec MSS flagging threats without context or remediation guidance, Microsoft Defender, Symantec Endpoint Protection: three products, three contracts, no shared view. He’d described it himself as having ‘20 degrees of vision, 100 feet out’. There was depth in silos, but nothing joining them up.
ThreatSpike replaced the lot; EDR, SOC, and web filtering in a single interface. The visibility problem Lee had been managing around for years was gone.
Pen Testing Went From Occasional To Everywhere
Before ThreatSpike, penetration testing at Inchcape was ad hoc. Quote by quote, engagement by engagement, usually covering around 15 key offices. Expensive per test, limited in scope, and producing a point-in-time snapshot that was out of date almost as soon as it was written.
That changed when Lee moved to ThreatSpike. Continuous pen testing across the full estate came as part of the platform. There was no separate contract and no additional budget conversation. Coverage went from 15 locations to all 250+, saving around £30,000 against what the old approach had cost, while testing more of the business more often than had ever been possible before.
Response, Not Just Monitoring
Lee’s background meant he knew the difference between a security vendor that watches and one that acts. ThreatSpike’s SOC monitors the Inchcape network around the clock. When something is detected, the device gets isolated, often before Lee’s internal team has seen the alert.
That matters commercially too. Inchcape’s client base includes major oil and gas companies and liner operators. Those organisations want evidence of 24/7 managed SOC and rapid incident response before they’ll sign. ThreatSpike gives Lee that evidence. Security became part of how Inchcape wins work, not just how it protects it.
Eight Years In & Still Expanding
Inchcape came to ThreatSpike with a cybersecurity problem. That’s where the relationship started: a fragmented stack, a web filtering crisis, and a security leader who was effectively on call around the clock.
Eight years in, Inchcape continue to expand their ThreatSpike environment as their business requires, but the platform they’re running on today is a significantly different product to the one they first started with. ThreatSpike has evolved from a cybersecurity platform into a fully managed IT and security operation, one that now covers everything from the helpdesk and managed infrastructure through to SOC, EDR, and continuous pen testing in one platform at one fixed price.
If your security and IT are fragmented, let’s have a conversation to see how ThreatSpike can work for your business.
