Palo Alto Networks portfolio helps underpin Registers of Scotland’s digital ambitions

Registers of Scotland is responsible for managing public registers of Scottish land and property, and other legal documents. It is a non-ministerial office and part of the Scottish administration. Its work secures people’s land and property rights and helps underpin the Scottish economy.

The organisation has embarked on an innovative transformation journey to digitise its paper-based services. Modern technology, process automation, and empowered people will enable Registers of Scotland to process thousands of legal applications more quickly and efficiently.

“It’s about removing the pen and paper from the registration process,” says Bob Bowden, Security Architect, Registers of Scotland. “We aim to re-platform Registers of Scotland to a modern, adaptive AWS cloud within a four-year timespan.”

The legacy security system was one of the first systems to come under scrutiny. Outputs from vulnerability scanning were manual and time-intensive to process – as were phishing incidents reported by staff. With the entire organisation moving to AWS cloud, a new, connected security strategy was needed to safeguard data in this newly serverless Land Registry archive.

“Everything was on the table,” says Bowden. “We needed intelligent network security, more powerful endpoint protection, a SIEM to manage security alerts, cloud compliance management, and more.”

Registers of Scotland had two options: to cherry-pick and integrate separate solutions for each security category, or choose a single unified portfolio from one vendor. Bowden explains: “We didn’t have the resources to integrate disparate security technologies. And there’s the risk one of those components would not be aligned.” According to Bowden, Palo Alto Networks offered the best of both worlds: one partner, with one best-in-class security portfolio.

The pandemic was another obstacle. In 2020, Registers of Scotland closed its offices, and any hope of processing property transactions during lockdown faded. The Scottish Government passed urgent legislation allowing the submission of digital registration applications where previously only a paper application was acceptable – but Registers of Scotland still needed an automated means of scanning these digital documents for malware before processing.

At the outset, a Palo Alto Networks Security Lifecycle Review (SLR) summarised the threat exposure and security risks facing Registers of Scotland. It highlighted high-risk applications and vulnerability exploits. The SLR (a free cyberthreat assessment by Palo Alto Networks) findings formed the basis for the new security requirements – to:

• Adopt a unified, best-of-breed cybersecurity platform to underpin Registers of Scotland’s transformation and minimise operational risk.
• Automate security processes while protecting AWS workloads.
• Pinpoint evasive threats by using ML and other techniques to profile behaviour and detect anomalies.
• Secure cloud applications throughout CI/CD development lifecycle.
• Enable transformation from paper submissions to secure, digital submissions.

Registers of Scotland has implemented almost the entire Palo Alto Networks portfolio to deliver complete, consistent, automated protection against cyberattacks. The unified portfolio provides the organisation with the transparent visibility, trusted intelligence, and flexibility to secure its entire digital environment.

Bowden explains: “The Palo Alto Networks portfolio makes sense on every level. Instead of relying on point security solutions, we have a suite of best-practice, interconnected security technologies that are proven to deliver. Our team can focus on value-add tasks, confident that critical security processes are running in the background, protecting our new digital infrastructure.”

The Registers of Scotland security infrastructure comprises the following:

• Palo Alto Networks ML-Powered Next-Generation Firewalls: Virtual and physical firewalls are deployed in the data centres to secure the network, learning continuously to detect threats. Embedded ML, for example, inspects a file while it’s being downloaded and blocks it instantly if it is malicious, dramatically reducing the time between visibility and prevention.
• Palo Alto Networks Cloud-Delivered Security Services: These subscription services (WildFire, Threat Prevention, Advanced URL Filtering, and GlobalProtect) provide Registers of Scotland with consistent, scaled prevention without added infrastructure – breaking up each stage of any potential attack. An innovative application of the WildFire API, for example, enables Registers of Scotland to manage the new government-legislated digital registration application process efficiently and securely. Rerouting files to a firewall for malware scanning was ruled out, as it would interrupt and delay file submission. Instead, users drop files onto a file share outside the network. Palo Alto Networks Cortex XSOAR orchestrates incident response, searching the file share for any files, which are then scanned by the WildFire API. Once verified, files are moved inside the network for processing by Registers of Scotland.

• Palo Alto Networks Cortex XDR: AI-powered security detects and stops each step of an endpoint attack, providing unified coverage across all Registers of Scotland Windows and Linux servers, together with 5,000 endpoints. “Cortex XDR gives us all the benefits of a SIEM, without the overhead on a SIEM,” says Bowden.
• Palo Alto Networks Prisma Cloud: This cloud-native security platform (CNSP) eliminates blind spots and detects threats, giving Registers of Scotland complete visibility, continuous threat detection, and automated response.

• Improves customer experience: The security portfolio simplifies the customer application journey, enabling faster processing of applications, greater visibility of registrations, and elimination of physical documents.
• Reduces risk: Comprehensive visibility and control over the security posture provides Registers of Scotland with risk clarity. Using Prisma Cloud, for example, Registers of Scotland was able to find vulnerabilities in the legacy containerized serverless estate. Half of these vulnerabilities were found in just 12 systems, which were immediately removed or isolated from the network.
• Increases productivity: By automating cloud security processes, the CNSP is saving the organisation the equivalent of four people. Automation and flexibility free the security team to focus on security strategy and collaboration across the business.
• Supports compliance: The connected security infrastructure enables Registers of Scotland to minimise vulnerabilities and meet its statutory and regulatory obligations. It also ensures both data confidentiality and integrity are maintained.

Bowden is positive about the work to date with Palo Alto Networks. “It’s the intelligence of the Palo Alto Networks portfolio that makes the difference. Innovations like Digital Forensics and a ‘shift left’ infrastructure as code policy with Bridgecrew will all help deliver that journey faster and with less risk.”

Read how Registers of Scotland is using Prisma Cloud and Palo Alto Networks Cloud-Delivered Security Services.