Russ Verbofsky, the Chief Information Officer at the State of New Mexico Department of Game and Fish, faced significant challenges when he joined the organization. The department's technology infrastructure was outdated, and he had to replace almost every piece of hardware, including switches, routers, firewalls, and servers. With a small IT team of 14 people, half of whom were on the help desk and the other half in application development and database administration, Russ had to support nearly 300 employees across the state. A quarter of these employees worked in the field and connected to the network via VPN, adding complexity to the task. Additionally, the department needed to securely manage its web application for selling hunting and fishing licenses, which accounted for two-thirds of its budget. Another critical requirement was achieving PCI compliance, as credit card information had never been processed through the PCI perspective before. This compliance needed to be achieved across 36 different state agencies.

MCSI wanted to test the ability of their back end, role-based access controls to curb attempts to elevate privileges. They needed an official way to inform clients and regulators on the security and integrity of their systems, while also satisfying HIPAA standards with a third-party evaluation.

The cyberattack came in early 2016, when IT manager Tom Brown was on a trip to eastern Europe. Back at headquarters, his staff reported that email had gone into meltdown. Customers were calling in to report that they received emails from Liberty Wines with an unusual attachment, which turned out to be malicious. At the same time, the team was being bombarded by a backscatter of hundreds of thousands of non-delivery receipts related to the malicious email. Tom had to ensure that this wasn’t from an internal breach — that’s when Brown called in the experts at Rapid7. Brown had used Rapid7 software in the past and knew of them as a leader in the security space. He had previously identified a need to track and analyze user authentications and behavior but couldn’t find anything suitable. Until Rapid7 there really wasn’t anything on the market that could easily scale from an SME like Liberty Wines right up to a large enterprise deployment. The architecture of the InsightIDR system allows it to fit any size, both from a scale and a startup cost perspective. He’d arranged for a live demo, been impressed, and allocated budget to install it the next financial year. However, the attackers had other plans.

One of Benjamin Nawrath’s biggest challenges is maintaining compliance with Germany’s IT Security Act (ITSG), which became law in 2015 but applies from July 2017 onward. The law requires all critical infrastructure providers to run an advanced cybersecurity program designed to ensure the availability, integrity, authenticity, and confidentiality of their IT infrastructure. It also demands that organizations regularly provide certification proving their compliance. Failure to do so could result in a fine of hundreds of thousands Euro. With a large and complex environment to monitor (including 2,000 IP addresses), limited IT staff resources, a growing compliance burden, and ever-determined hackers to keep at bay, Benjamin Nawrath needed robust technology solutions to help overcome these major challenges.

The University of Palermo faced significant challenges in managing and securing a vast number of assets with a small IT team. They needed a solution that could provide comprehensive visibility into vulnerabilities and overall risk, as well as streamline the process of querying and analyzing log data. The university also required a secure method for log retention to meet compliance requirements and sought flexible visibility across a range of operating systems, including Windows, Mac, Linux, iOS, Android, and Windows phones. Prior to adopting Rapid7's solutions, the university relied on Snort and AlienVault OSSIM for incident detection and response, which proved to be less efficient and intuitive.

Sierra View Medical Center faced significant challenges in maintaining real-time visibility and control over its endpoints and servers. The healthcare industry, being a prime target for cyberattacks, required robust security measures to protect sensitive patient data. However, the existing system at Sierra View relied on outdated data from quarterly and biannual scans, which were up to six months old. This outdated information made it difficult to prioritize and assign remediation tasks effectively. The lack of granularity in the CVSS scores further complicated the process, making it nearly impossible to manage vulnerabilities efficiently. As the sole full-time information security practitioner, Scott Cheney needed a more streamlined and automated approach to share risk insights with the IT operations, networks, and systems staff.

Financial institutions around the world have always been an attractive target for hackers keen to get their hands on sensitive customer data, launch online extortion attacks, and interfere in internal business processes to siphon away funds. Even in the United Kingdom, one of the most mature global financial services markets, breaches reported to the regulator soared by 480% in 2018 according to RPC. As part of its customer offerings, Resimac issues a credit card, which means that it is also bound by strict PCI compliance rules. This puts extra pressure on an in-house security team already tasked with keeping escalating threats at bay. With just a handful of staff, Mihalek and his team manage a footprint of approximately 600 assets for the 300+ employees across Australia, New Zealand, and Manila. Needing extra help to support its PCI compliance program—and drive best practices to improve security across the organization—Mihalek sought the help of an outside managed security services provider back in 2017. The decision was underlined by a security incident the firm suffered, an incident Smith claims would have been picked up by a managed security service if one had been in place. But there were also good financial reasons for outsourcing security, says Mihalek.

Chad Kliewer, the Information Security Officer at Pioneer Telephone, was tasked with implementing a comprehensive security plan and ensuring compliance standards across multiple departments, including corporate, telephone, and broadband services. The challenge was compounded by the absence of a centralized IT group, making it difficult to create a cohesive infrastructure. Additionally, there was no formalized scanning process in place, leading to a lack of visibility into the network assets and vulnerabilities.

The University of Texas at Dallas faced significant challenges in managing vulnerabilities across its campus network. The primary goal was to reduce vulnerabilities, detect and investigate security incidents faster, and manage threat exposure effectively. The security team needed a solution that could provide comprehensive visibility into information security risks, correlate user behavior with events, and improve incident response times. Additionally, they wanted to ensure that new technology purchases underwent thorough security assessments before going into production.