Discover what’s really driving the shift toward unified security
Discover how geopolitical tensions are fueling advanced cyber campaigns
Is the Quantum Threat Closer Than You Think?

Doing digital justice: MoJ’s network and security transformation with Palo Alto Networks

SUMMARY

Justice Digital is the Digital and Technology function for the Ministry of Justice (MoJ), a major government department at the heart of the justice system in England and Wales. ‘The Justice Digital strategy’ aims to deliver improved, simpler and faster services for more than 96,000 users and citizens across 1,200 courts, prisons, probation and attendance centres and arms -length bodies (external organisations that work with the Ministry).

However, a fragmented legacy network security solution was lacking centralised visibility into modern cyberthreats, impacted operational efficiency, and undermined the MoJ’s vital work. By standardising on a Palo Alto Networks’ modern platform approach to network security, the MoJ is now delivering fast, intuitive, secure connectivity across 130,000 devices. This revolutionary step is advancing judicial services in line with the MoJ’s goals while also effectively improving prisoner rehabilitation.

RESULTS

5x

increase in WAN performance

400%

increase in automatically resolved incidents per day

Full visibility

into network traffic
CHALLENGE

Modernise and consolidate complex networks and security

Adopting unified IT and security is a key component of the Ministry’s vision. It needed a consolidated, innovative, and responsive solution that could:

  • Integrate network security into a single solution to meet growing demand for services, including integration with MoJ agencies.
  • Improve configuration to allow for fast deployment of new service offerings.
  • Consolidate fragmented security visibility to enable proactive incident resolution and reduce Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), and operational risk.
  • Release resources and enable more time to be focused on strategic work by reducing the burden of manual incident management.

“We’re creating an evergreen network security environment with Palo Alto Networks. Security consolidation will continue to make our justice services simpler, faster, and better for everyone."

- Nava Ramanan

Deputy Director – Digital Infrastructure and Security Operations
Ministry of Justice

SOLUTION

Protecting the principles of justice in a digital age

The ability to protect against modern, sophisticated threats has long been critical for ensuring a secure, agile digital service. As a user of Palo Alto Networks Next-Generation Firewalls for many years, the MoJ selected a Palo Alto Networks AI-Powered Prisma SASE platform to spearhead its network security modernisation strategy.

By consolidating SD-WAN and Security Service Edge (SSE) into a cloud-delivered, unified SASE service, the MoJ has supercharged its resilience, visibility and control.

MoJ’s Security Operations Centre has been transformed to proactively monitor, detect, analyse and respond to cybersecurity threats and incidents in real time, ensuring the protection of digital assets and data. This is achieved using a coherence of innovative technologies including Cortex XSIAM for security information and event management, attack surface management and real-time risk identification. Nava and his growing team now have more time to focus on meaningful threat-hunting tasks and effectively handle real incidents.

“We are prioritising fundamental principles like cloud-first, secure-by-design, and a Zero Trust security model. This ensures that our infrastructure remains secure and aligned with the latest technological advancements and AI-driven innovations."

- Nava Ramanan

Deputy Director – Digital Infrastructure and Security Operations,
Ministry of Justice

“Using Prisma SD-WAN and Prisma Access has given us far greater visibility into our traffic and control over our security policies organisation-wide in comparison to the fragmented services we had previously.”

- Tom Churnside

Head of Network Architecture,
Ministry of Justice

“SASE unites the networking and security tools we need to protect MoJ’s vast network. We can quickly adapt to our hybrid workforce and our cloud, and digital initiatives, as well as expand into AI – and all from a single solution.”

- Nava Ramanan

Deputy Director – Digital Infrastructure and Security Operations,
Ministry of Justice

“Wi-Fi is transparent. People walk in, and it works.”

- Nava Ramanan

Deputy Director – Digital Infrastructure and Security Operations,
Ministry of Justice

“We can now focus on the important things rather than upgrading software. We can take control of our own destiny.”

- Tom Churnside

Head of Network Architecture,
Ministry of Justice

“In the past we just saw incidents; now we are seeing complete threat insights. Alert grouping and SmartScore, for instance, will help us connect low-confidence events into high-confidence incidents. The platform has huge potential and we have already migrated the HM Courts and Tribunal Service to XSIAM.”

- Nava Ramanan

Deputy Director – Digital Infrastructure and Security Operations,
Ministry of Justice

“The results have been made possible thanks to the teams collaborating closely to maximse the value delivered by the transformation program”

- Nava Ramanan

Deputy Director – Digital Infrastructure and Security Operations,
Ministry of Justice

Supports prisoner rehabilitation

Dedicated internet access circuits for WAN connectivity using SD-WAN have led to an average five-fold uplift in bandwidth. Prisoners can securely use devices for administrative tasks and access important daily information from their cells, increasing their self-confidence and improving their behaviour, which helps reduce the risk of reoffending.

Increases performance and reduces costs

Prisma SASE provides proactive and predictive Zero Trust security to every MoJ user. It routes traffic directly to its destination rather than through on-premises pinch points, and operates over low-cost dedicated internet access circuits. “Wi-Fi is transparent. People walk in, and it works,” says Nava. The MoJ has increased efficiency by insourcing the network platform, as opposed to relying on private or managed WAN solutions. “We can now focus on the important things rather than upgrading software. We can take control of our own destiny,” adds Tom.

Transforms security monitoring

Cortex XSIAM is pivotal to the Justice Digital strategy. The MoJ and HM Courts and Tribunals Service (HMCTS) currently monitor 120+ critical services through a transformed security operations team and centralised platform. The MoJ’s technology strategic SOC transformation has resulted in optimised costs of replacing three different security monitoring tools, enhancing service resilience and significantly strengthening its security posture. This provides the MoJ with a complete, timely insight into alerts and incidents across the estate as they occur and reduces the risk of future critical outages.

Almost 15 terabytes of data per day is currently being ingested into a single environment from 192 data sources, spanning the MoJ’s network devices, identity platforms, endpoints, and many more log types and sources.

Reduces SOC workload

Automated playbooks proactively support risk management, providing analysts with a customisable process for managing tasks and actions at scale, reducing manual processing and enhancing response times.

The MoJ SOC is resolving around 600 incidents a day, a six-to-twelvefold increase. Coupled with a new operating model and investment in SOC resources this allows the MoJ SOC to more effectively monitor a greatly increased volume of services.

The organisation is using the power of XSIAM to support its SOC transformation, combining the MoJ’s SOC with the outsourced HMCTS SOC; this will reduce support overheads and, ultimately, the cost to the taxpayer.

Reduces MTTD/MTTR

Incidents are now detected in minutes, with a significant increase in threat visibility across the organisation and XSIAM is already surfacing previously hidden incidents. “In the past we just saw incidents; now we are seeing complete threat insights,” says Nava. “Alert grouping and SmartScore, for instance, will help us connect low-confidence events into high-confidence incidents. The platform has huge potential and we have already migrated the HM Courts and Tribunal Critical Services to XSIAM.”

Accelerates time to value

The Palo Alto Networks Customer Success and Professional Services teams have been instrumental in driving innovation and maximising the value from this transformation programme. “The results have been made possible thanks to the teams collaborating closely to maximse the value delivered,” says Nava.

Helping to deliver a world-class justice system for all

Through an innovative partnership with Palo Alto Networks, the MoJ is delivering on its goals to provide a secure and responsive digital service, improve prisoner rehabilitation, and reduce reoffending. In time, all courts, probation offices, prisons and head offices will be securely connected with logical separation to their data and applications. The SASE platform will also enable fast, trusted integration to 34 third-party MoJ agencies and public bodies. With the Palo Alto Networks platform approach, Nava and his team have more confidence in the MoJ’s security technology and overall security posture than ever before.

Download article

CUSTOMER DETAILS

Justice Digital

Government

United Kingdom

gov.uk/government/organisations/ministry-of-justice

Products Used

Cortex XSIAM

Prisma Access

Prisma SD-WAN

NGFW

Panorama

Zero Trust

Download article

Be a thought leader

Become an advocate for Prisma SASE and gain exposure for your organization.

Get the latest news, invites to events, and threat alerts