BDO is one of Norway’s largest advisory and audit environments, with around 1,600 employees across more than 50 offices and close to 35,000 customers. The company delivers audit, advisory, and legal services, and handles large amounts of business-critical and sensitive information on a daily basis. Every day, BDO’s employees go to work to help organizations create and safeguard value – and work closely with both customers and local communities across the country. Globally, BDO has more than 111,000 employees in 164 countries.

Need for a better SOC solution

With today’s threat landscape and geopolitical situation, BDO needed a better SOC – an IT security foundation. A SOC (Security Operations Center) is a service that monitors, logs, and reports on IT security incidents.

– Digitalization means that IT security must be an integrated part of the IT infrastructure. We have a great deal of critical information that cannot be exposed or compromised. In addition, we must have access to our systems around the clock. On top of that come regulatory requirements, such as NIS2, DORA, and GDPR. These laws also impose requirements on cybersecurity. Altogether, this places significant demands on the SOC, says Krister Gui, Information Security Specialist at BDO.

Krister Gui, BDO

Artificial intelligence (AI) has also given cybercriminals powerful tools. This has led to an increasing number of more complex cyberattacks. AI makes it, for example, much easier for attackers to send out realistic phishing emails. AI is also used to carry out more sophisticated cyberattacks than before. This places significant demands on comprehensive, around-the-clock monitoring of the entire IT environment.

Solid SOC from Arctic Wolf

BDO conducted a thorough evaluation of various SOCs (Security Operations Centers) in the Norwegian market and found that none met the needs the advisory company had. BDO therefore looked at foreign providers and ended up with Arctic Wolf. Arctic Wolf recommended that BDO purchase the SOC solution through Sicra, which is one of Arctic Wolf’s most certified and competent Norwegian partners.

Comprehensive monitoring and logging without affecting the price is among the reasons why BDO chose Arctic Wolf.

– Arctic Wolf’s SOC logs the entire IT environment, not just one part, without affecting the price. They monitor cloud environments, on-prem, and other parts without limitations on the number of logs. The fact that they collect logs from all sources is important. The more logs you have, the easier it is to detect incidents and provide a rapid response. In addition, we avoid blind spots, says Gui.

He also highlights that Arctic Wolf is a large, global player that collects millions of logs from around the world every day. This enables them to detect new attack trends and vulnerabilities more quickly than players in the Norwegian market.

Read about "Cyber Threat Landscape 2026: Insights from Arctic Wolf’s threat report" here >

Sicra ensured a structured implementation

Sicra ensured a structured implementation of Arctic Wolf’s SOC services such as Managed Detection and Response (MDR), Incident Response Jumpstart (IRJ), and Managed Risk. The solution provides BDO with around-the-clock monitoring, improved incident management, and a better basis for decision-making. The result is a significantly improved security service, with better visibility into digital risk, faster response to incidents, and increased confidence for both management and the organization.

What distinguishes Arctic Wolf from many other SOC providers is the overall scope and scale of the monitoring. The solution covers the company’s entire IT environment, without limitations on logging, at the same cost regardless of the number of logs. The SOC is built on insights from millions of incidents worldwide – every day. Arctic Wolf’s SOC combines technology, threat intelligence, and dedicated security experts. This provides earlier alerts, fewer false alarms, and a better basis for decisions on how to handle incidents.

In addition, Arctic Wolf works continuously and proactively with customers to improve security. This takes place, among other things, through monthly focus areas, for example login solutions such as Microsoft Active Directory (AD)/Entra AD, improvement of endpoint security, access management, and so on.