As a Managed Security Service Provider, S3 needs to offer clients a security portfolio with the best tools and provide great value, all while maintaining a trusting relationship with the vendor. With attackers becoming more sophisticated, IT environments growing increasingly complex, and a shortage of skilled cybersecurity professionals, it’s no wonder that businesses are increasingly turning to Managed Security Service Providers (MSSPs) to ensure their security program stays current with industry best practices. The MSSP relationship offers a cost-efficient way to mitigate risk, combat threats, and keep pace with compliance regulations.

In a non-profit organization, cost-effectiveness is essential. The USNA Alumni Association & Foundation needed to build a security architecture to protect personal information of alumni. Ken Kurz, the Director of Information Services, faced the challenge of managing an infrastructure that supports 70,000 living alumni without leveraging government resources. The primary concern was to ensure the security of personal information while operating within the constraints of a non-profit budget. Ken's extensive background in information assurance and high-level security engineering made him well-suited for the task, but the challenge remained significant due to the unique constraints of the non-profit sector.

Carnegie Mellon University needed a vulnerability management solution that would scan its assets broadly and offer centralized control for close monitoring and analysis of security threats, as well as the ability to create and export customized reports.

When Eric Nooden joined Redflex as Information Security Specialist, he found many out-of-date server operating systems. Because system stability was a priority with Redflex proprietary solutions, no one wanted to risk outages. The systems administrators were nervous about patching servers, fearing they might break them. The Redflex team had multilayer security in place, with firewalls, anti-virus software, and other technologies, but no dedicated security personnel to manage them. The undermanaged security posture was more reactive than proactive, and Nooden joined Redflex to change that. Additionally, because Redflex passes financial transactions to processing institutions, its systems must pass SAS 70 audits and comply with data protection standards such as Payment Card Industry Data Security Standard (PCI DSS) to avoid fines.

Shackerah, the primary user of Rapid7 Nexpose at the American Chemical Society (ACS), faced challenges in ensuring security holes were quickly plugged and handling PCI DSS compliance requirements. Initially using Qualys, the ACS team sought a new solution due to dissatisfaction with customer service. They needed a vulnerability management solution with robust reporting features, comprehensive vulnerability coverage, and excellent customer support.

Søren Hansen, the IT Security Manager at Chr. Hansen, faced significant challenges in gaining visibility into user activities on the network and detecting intrusions. The company needed a solution that could alert them to suspicious network activity and streamline incident investigations. The primary challenge was to find a tool that could provide detailed insights into anomalous behavior, such as stolen credentials and lateral movement, without overwhelming the team with excessive alerts. Additionally, the solution needed to be easy to deploy and manage, without requiring additional agents on endpoints.

When Microsoft undertook an extensive evaluation of Web Application Vulnerability scanning solutions on the market, the company’s Cloud and Enterprise Security Services team knew it would be no small task. Microsoft wanted to build a world-class, scalable Web App Vulnerability scanning service that would serve all of their different service teams in building secure applications. With the technology landscape rapidly evolving, Microsoft foresaw that the homegrown solution it had previously relied upon for application security would soon struggle to keep pace with modern applications with rich, dynamic clients and numerous APIs on the back-end. So the team undertook an extensive, thorough evaluation that spanned several months and settled on AppSpider as one of its Web App Vulnerability Scanners, based in large part on the product’s roadmap towards being able to handle complex application ecosystems that have rich clients and RESTful APIs.

The University of Salzburg faced the challenge of ensuring optimal performance and minimizing risk across its campus networks. With approximately 18,000 students and 3,000 staff across 30 locations, the university needed a robust solution to manage its IT and security infrastructure. The IT and security teams needed to collaborate effectively to prioritize and remediate issues based on the organization's needs. The university required a solution that could provide actionable insights, higher accuracy in identifying vulnerabilities, and better visibility into risk.

In a large university like Virginia Tech, IT security is a major issue. The Office of IT Security conducted a self-assessment of their compliance with the PCI standards and found they needed a commercial scanner with capabilities beyond Nessus.

Wiltshire Council, a unitary council established in 2009, faced the challenge of managing and protecting the personal information of its residents. With over 5,000 employees and more than 350 diverse services, the council needed an efficient and effective IT service to support, maintain, and provide strategic advice. Annual penetration tests were part of the compliance mandates, and the council needed a solution that could run pen tests all year round. Additionally, the council required a vulnerability management solution that could provide detailed and actionable reporting to help remediate risks in the environment.

Russ Verbofsky, the Chief Information Officer at the State of New Mexico Department of Game and Fish, faced significant challenges when he joined the organization. The department's technology infrastructure was outdated, and he had to replace almost every piece of hardware, including switches, routers, firewalls, and servers. With a small IT team of 14 people, half of whom were on the help desk and the other half in application development and database administration, Russ had to support nearly 300 employees across the state. A quarter of these employees worked in the field and connected to the network via VPN, adding complexity to the task. Additionally, the department needed to securely manage its web application for selling hunting and fishing licenses, which accounted for two-thirds of its budget. Another critical requirement was achieving PCI compliance, as credit card information had never been processed through the PCI perspective before. This compliance needed to be achieved across 36 different state agencies.

MCSI wanted to test the ability of their back end, role-based access controls to curb attempts to elevate privileges. They needed an official way to inform clients and regulators on the security and integrity of their systems, while also satisfying HIPAA standards with a third-party evaluation.

The cyberattack came in early 2016, when IT manager Tom Brown was on a trip to eastern Europe. Back at headquarters, his staff reported that email had gone into meltdown. Customers were calling in to report that they received emails from Liberty Wines with an unusual attachment, which turned out to be malicious. At the same time, the team was being bombarded by a backscatter of hundreds of thousands of non-delivery receipts related to the malicious email. Tom had to ensure that this wasn’t from an internal breach — that’s when Brown called in the experts at Rapid7. Brown had used Rapid7 software in the past and knew of them as a leader in the security space. He had previously identified a need to track and analyze user authentications and behavior but couldn’t find anything suitable. Until Rapid7 there really wasn’t anything on the market that could easily scale from an SME like Liberty Wines right up to a large enterprise deployment. The architecture of the InsightIDR system allows it to fit any size, both from a scale and a startup cost perspective. He’d arranged for a live demo, been impressed, and allocated budget to install it the next financial year. However, the attackers had other plans.

One of Benjamin Nawrath’s biggest challenges is maintaining compliance with Germany’s IT Security Act (ITSG), which became law in 2015 but applies from July 2017 onward. The law requires all critical infrastructure providers to run an advanced cybersecurity program designed to ensure the availability, integrity, authenticity, and confidentiality of their IT infrastructure. It also demands that organizations regularly provide certification proving their compliance. Failure to do so could result in a fine of hundreds of thousands Euro. With a large and complex environment to monitor (including 2,000 IP addresses), limited IT staff resources, a growing compliance burden, and ever-determined hackers to keep at bay, Benjamin Nawrath needed robust technology solutions to help overcome these major challenges.

The University of Palermo faced significant challenges in managing and securing a vast number of assets with a small IT team. They needed a solution that could provide comprehensive visibility into vulnerabilities and overall risk, as well as streamline the process of querying and analyzing log data. The university also required a secure method for log retention to meet compliance requirements and sought flexible visibility across a range of operating systems, including Windows, Mac, Linux, iOS, Android, and Windows phones. Prior to adopting Rapid7's solutions, the university relied on Snort and AlienVault OSSIM for incident detection and response, which proved to be less efficient and intuitive.

Sierra View Medical Center faced significant challenges in maintaining real-time visibility and control over its endpoints and servers. The healthcare industry, being a prime target for cyberattacks, required robust security measures to protect sensitive patient data. However, the existing system at Sierra View relied on outdated data from quarterly and biannual scans, which were up to six months old. This outdated information made it difficult to prioritize and assign remediation tasks effectively. The lack of granularity in the CVSS scores further complicated the process, making it nearly impossible to manage vulnerabilities efficiently. As the sole full-time information security practitioner, Scott Cheney needed a more streamlined and automated approach to share risk insights with the IT operations, networks, and systems staff.

Financial institutions around the world have always been an attractive target for hackers keen to get their hands on sensitive customer data, launch online extortion attacks, and interfere in internal business processes to siphon away funds. Even in the United Kingdom, one of the most mature global financial services markets, breaches reported to the regulator soared by 480% in 2018 according to RPC. As part of its customer offerings, Resimac issues a credit card, which means that it is also bound by strict PCI compliance rules. This puts extra pressure on an in-house security team already tasked with keeping escalating threats at bay. With just a handful of staff, Mihalek and his team manage a footprint of approximately 600 assets for the 300+ employees across Australia, New Zealand, and Manila. Needing extra help to support its PCI compliance program—and drive best practices to improve security across the organization—Mihalek sought the help of an outside managed security services provider back in 2017. The decision was underlined by a security incident the firm suffered, an incident Smith claims would have been picked up by a managed security service if one had been in place. But there were also good financial reasons for outsourcing security, says Mihalek.

Chad Kliewer, the Information Security Officer at Pioneer Telephone, was tasked with implementing a comprehensive security plan and ensuring compliance standards across multiple departments, including corporate, telephone, and broadband services. The challenge was compounded by the absence of a centralized IT group, making it difficult to create a cohesive infrastructure. Additionally, there was no formalized scanning process in place, leading to a lack of visibility into the network assets and vulnerabilities.

Kyriba, a global treasury management solution provider, faced the challenge of maintaining world-class cybersecurity operations to protect its multinational cloud-based infrastructure. With stringent regulatory compliance requirements, including GDPR, CNIL, and SWIFT connectivity standards, Kyriba needed to ensure robust security measures. The company aimed to achieve enterprise-grade security results with a lean security team, necessitating the use of intelligent automation to offload monitoring and triaging duties.

CyberPeak Solutions faced a significant challenge in providing consistent and reliable cybersecurity monitoring to its clients. Despite their technical proficiency and efficient service agreements, there was a disparity between the perceived and actual quality of cybersecurity monitoring. Clients often believed they were receiving comprehensive monitoring, akin to a full-scale security operations center (SOC), but in reality, the monitoring was limited and often handled by a single individual. This co-managed services model left CyberPeak's team frustrated and concerned about potential gaps in their security coverage. The company needed a solution that could enhance their monitoring capabilities without requiring a large team of analysts.

The University of Oklahoma faced a significant challenge in managing the vast number of security events generated by their network sensors. With over 80 million security events and 350 alerts per week, the small security team, consisting of 10 full-time employees and 3-4 student security analysts, struggled to monitor and respond to these events effectively. The high volume of false positives further complicated their efforts, making it nearly impossible to identify and address genuine threats promptly. The university's IT infrastructure, accessed by approximately 90,000 user accounts from over 120,000 devices, required a robust and efficient security solution to protect against internal and external threats.

Smaller or mid-sized financial services companies face the same security challenges as large banks and major investment firms. No matter its size, any company that processes or stores consumer financial data needs to ensure that information is well protected. This is especially important for organizations that process large volumes of high-value transactions. Our customer, the mortgage and title division of a Fortune 500 home building firm, needed to protect the data of its thousands of customers with a security team of only four full-time employees. To achieve this goal, the team deployed the Respond Analyst side-by-side with their traditional SIEM solution. Comparing the results over the course of a year in which both solutions ingested the same data, they are highly confident that the intelligence and reliability of Robotic Decision Automation has made it possible for them to build a more efficient and cost-effective security program with no loss of detection accuracy.

Like many manufacturers, boat maker Smoker Craft had enormous amounts of data stored on paper, making it nearly impossible to access and analyze in a timely manner. The legacy paper system provided no controls or standards, leading to inconsistent evaluations and data collection. Inspectors had to climb over boats to perform inspections, and any attempt to use the data required many hours of compiling, retyping, and sorting. This often resulted in solving the wrong problems due to the inability to see the big picture. The company operated using old data or handwritten notes, leading to cynicism, conflict, and apathy among employees.

Min Huang, Data Management Engineer for TRUMPF, was looking for a way that process control data could be easily accessible to whoever needed it without getting bogged down in numbers or in analyzing what the key data is indicating. TRUMPF is the largest manufacturer of fabricating equipment and industrial lasers in North America, providing innovative, high-quality products and solutions in the areas of sheet metal processing, laser-based production processes, electronic applications, and medical technology. That means there are a lot of things to get right. Precisely right, in fact. No margin for error, but multiple ways that errors can occur.

Although the company had made major improvements to production throughput and first pass yield, they had reached a plateau and wanted to push through to the next level. To achieve this they needed better knowledge management, especially of repair data, in real time. Critical production repair data was being collected in a variety of ways in a host of different data systems. No standard processes were in place that prescribed or enforced what to do with data. Time to capture data was too high, and the data that was captured was not used effectively because it was not timely or accessible. The leadership team wanted to establish a company-wide, user-friendly database that would further their company's evolution into a data-driven, fix-to-root-cause culture. They knew they would have to refine and improve defect categorization, and define processes to enforce the use of data to investigate, resolve to root cause, and monitor quality.

The Quality Manager at a privately-held metal fabrication company in the automotive and heavy equipment industry faced a critical issue. Customer and ISO procedures required the vendor to conduct periodic, destructive tests on finished products. However, inspection sheets were rarely filled in completely or accurately. Even when completed, the data was not accessible in a usable format. The inspection procedure was complex, requiring many steps, intermediate calculations, and conditional branching, making it comparable to a federal income tax form. The volume of data made it difficult to computerize, and reports often sat in a queue for six or seven weeks before being logged in a database. Reports to customers were often delayed and incomplete, rendering the data useless for process improvement. The manager envisioned a computerized system that would guide the operator through the inspection process, presenting on-screen forms identical to the printed forms the operators were used to seeing. This system aimed to eliminate math and transcription errors and speed up the process by having the operator enter data directly into a computer system.

The AKI Group faced significant inefficiencies in its in-house transport operation, which was responsible for delivering to a wide range of customer locations across the UAE. The company processed around 25,000 orders a month, equating to 12,500 deliveries to up to 5,500 customer sites. Manually planning such a large multi-drop delivery operation was proving to be inefficient. Additionally, the company had to comply with strict regulations governing commercial vehicle usage for different types of loads, which added complexity to the planning process. The transport team also faced challenges related to workforce management, as each delivery vehicle was typically staffed with a two- or three-man team, leading to increased workforce overhead and potential delays.

With the food-on-the-go sector rapidly expanding in the UK, retailers like Greggs face growing pressure on their supply chains to meet changing customer expectations. Greggs needed to transform from a decentralised traditional bakery business into a centrally-run, food-on-the-go brand. This transformation required reshaping its supply chain to support shop expansion beyond 2,000 outlets and to meet the choice and availability customers demand. The distribution planning had become progressively more complex, requiring advanced planning tools to achieve the highest levels of efficiency, utilisation, and service performance.

LF&E Refrigerated Transport faced the challenge of ensuring timely and reliable deliveries of temperature-sensitive pharmaceutical and healthcare products. The company needed to maintain high service levels, meet stringent industry standards, and handle a variety of delivery requirements, including time-sensitive consignments and deliveries to vulnerable customers. Additionally, LF&E needed to optimize fleet utilization and improve customer communications while managing the complexities of delivering to multiple locations with varying requirements.

Roberts Bakery, a historic bakery founded in 1887, has grown to become the fourth largest supplier of branded bread in the UK. With a large and varied fleet of 50 to 60 vehicles on the road at any given time, the bakery faces the challenge of delivering fresh baked goods with a short shelf life to over 2000 customers across the UK. The production team often sets the schedule to meet customer requirements, which can be challenging for the transport team that requires real-time oversight and flexibility. The primary goal is to ensure that the baked goods are delivered quickly, safely, and efficiently, maintaining their quality from the oven to the customer's table.