Qlik, a leading data integration and analytics platform, was facing the challenge of expanding their cloud footprint while ensuring a cohesive, enterprise-level cloud security strategy. The company, which has grown significantly since its inception in 1993, was already using cloud services across various departments, including Research and Development (R&D) and Security teams. However, they recognized the need for holistic guidance to ensure the adequate protection of their cloud resources and data. As Qlik continued to grow as a Software as a Service (SaaS) technology provider, the use of cloud providers like Azure and Google Cloud Platform also expanded. The challenge was to maintain consistent control of their cloud environments and expand their cloud security best practices into these new environments.

Experity, a dynamic Health Information Technology company, was formed from the merger of the two largest urgent care Electronic Medical Records (EMR) companies in the country. The merger led to a rapid expansion of personnel, office locations, software, and services, creating unique challenges for the security team. The team was tasked with protecting the company from loss events of any kind, requiring business continuity and standardization. The small security team was overwhelmed with the task of managing security operations and building resilience in their security program. The company's growth also meant that the security team needed a platform to vet alerts from the increasing number of employees and contractors. The existing Managed Detection and Response (MDR) platform was inadequate as it only monitored network and server activity and not endpoint activity.

Zoopla, a London-based real estate portal, faced a significant challenge in maintaining the security of its applications. With over 60 million visits a month to its flagship property website and application, the company had to ensure the utmost security for its users. The company's security team, led by Application Security Engineer Alikhan Uzakov, was responsible for guiding hundreds of Zoopla developers through the application security testing process. This included conducting training and helping developers embed security tooling into their processes to ensure the security testing of new features and products before their release. However, with only three staff members, the security team found it challenging to support the vast number of developers.

Domino’s Pizza, the world's largest pizza company, relies heavily on technology for its online ordering and delivery services. The company's security operations center operates 24/7, and one of the biggest security challenges they face is phishing. Spear phishing, in particular, is a significant threat due to the craftiness of threat actors. The company also has a wide attack surface due to its domestic and international markets, making threat hunting a critical task. The company wanted to train its security operations center (SOC) analysts to think like attackers, as many analysts focus solely on detection and response and lack understanding of the tactics used by attackers.

Modine Manufacturing Company, a global leader in thermal management technology and solutions, faced a significant challenge in protecting its digital assets and those of its customers. As the business grew, so did the risks. The company's small security team found themselves monitoring thousands of event sources, up from a few hundred. They needed a partner that could help them improve various parts of their security program, addressing both proactive and reactive security needs. This required a strategic partner with multiple centers of product and service excellence.

Pearl Data Direct LLC (PDD), a FinTech company and subsidiary of LuLu Financial Holdings, faced two major security challenges. Firstly, as a company managing millions of dollars through their application, they were an attractive target for cyber attackers. Secondly, their business operates in the heavily regulated financial sector, requiring strict compliance with central bank regulations. The company needed to ensure the security of thousands of transactions flowing through their system every second, while also complying with stringent cybersecurity regulations. They also had to protect the personal identifiable information (PII) of their customers, which they were required to collect for compliance purposes. Furthermore, their core banking system was connected to a variety of banks, adding to the complexity of their security challenges.

Amedisys, a leading provider of home healthcare, faced a unique challenge in securing their patients’ and employees' data without impacting the usability of their systems. The majority of their user base consists of clinicians who provide care to patients in their homes. It was crucial to provide these medical professionals with a seamless and secure experience, as any disruption could impact the care provided to patients. The challenge was to ensure the security of sensitive data while maintaining the efficiency of their operations.

AMN Healthcare, a leading provider of total talent solutions for healthcare organizations, faced a significant challenge in integrating the cybersecurity systems of 28 recently acquired organizations. These organizations varied in size, from startups with 30-50 employees to established organizations with 2,500 employees, each with their own offices, policies, and frameworks. AMN needed a unified, future-proof security platform to integrate these organizations into their corporate structure, ensuring that every organization was following a singular security standard for detection and response. The challenge was further complicated by the shift to remote work due to COVID-19, which transformed each employee's home into a regional office, creating a lack of visibility and control over home networks.

Blue Valley Unified School District in Kansas, with over 23,000 students and 3,100 staff spread across 35 schools, was committed to providing a safe digital learning environment for its students. However, the district faced significant security challenges. In August 2019, the district was targeted by a successful ransomware attack, prompting a comprehensive security assessment of its vast application and network infrastructure. The district's cybersecurity team identified ransomware attacks, visibility, and staffing as the key challenges. Ransomware attacks were a constant threat, especially given the perception that public school districts have limited budgets and manpower. Visibility was another issue, with the small team struggling to maintain a comprehensive view of the district's security landscape. Staffing was also a concern, with many school districts unable to invest in the necessary staffing and software to deal with the demands of today's cybersecurity environment.

CoStar Group, a leading provider of commercial real estate information, analytics, and online marketplaces, has been expanding its reach through mergers and acquisitions (M&A). As of October 1, 2019, CoStar has spent approximately $2 billion acquiring a total of 27 organizations, each with a unique cloud presence and varying levels of cloud competency. The challenge for CoStar is ensuring the security and compliance of its constantly growing and evolving cloud footprint, which spans across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). When growing through M&A, CoStar must be able to understand the cyber risk of the acquisition target, integrate the newly acquired resources, and maintain the ability of these acquired entities to accelerate innovation through the use of cloud services without the loss of control.

Domestic & General (D&G), a leading provider of subscription-based home appliance care, faced a significant challenge in managing its cybersecurity. With a 110-year old business, the company had an accumulation of systems and dozens of IT processes that had evolved over the years. As D&G expanded globally and digitized, its attack surface grew, and the mixed heterogeneous environment created additional challenges in terms of increased cyber risk. The company lacked a modern platform to identify risk and threats in a hybrid environment, at scale and with context. D&G’s Chief Information Officer, Phil, realized the need to enhance the company’s cyber protections and empower the business to own their cyber risk. However, the company was missing a platform that a modern organization needs to ensure it’s protected adequately.

Elara Caring, one of the largest providers of home health care in the U.S., faced significant challenges following the merger of three home healthcare companies. The consolidation created new opportunities but also posed difficulties for the company’s IT infrastructure and data security. The Chief Information Security Officer (CISO), Eric Bowerman, was primarily concerned with protecting end-users from phishing and ransomware attacks, which are common in the healthcare industry. The shift to a work-from-home environment due to the COVID-19 pandemic further complicated matters. The company had limited management software on the laptops of remote workers, which meant they did not have the same control as when the employees were in the office. This presented compliance issues related to protected health information (PHI).

Maximus, a leading strategic partner to governments worldwide, faced a significant challenge in enforcing standards and ensuring consistency across all public cloud environments. With over 200 AWS accounts under management and a growing Azure presence, visibility into numerous projects spanning AWS and Azure was critical. The company needed a solution that would enforce standards across all public cloud accounts and regions, provide visibility into non-compliant resources, create an exception process for certain resources, and deliver an automated way to take remediation action. Enforcing standards across the entire enterprise with hundreds of AWS accounts and Azure subscriptions and different support models was a daunting task.

Rackspace Technology, a leading end-to-end multi-cloud technology services company, faced a significant challenge in ensuring the security of their customers' data. As a company that designs, builds, and operates cloud environments across all major technology platforms, it was crucial for Rackspace to instill trust and confidence in their customers. The challenge was to ensure that when customers put their data on the Rackspace platform or chose to interact with Rackspace, their data would be secure and protected as if it was Rackspace's own. The company needed a robust and reliable solution to manage vulnerabilities and threats, and to ensure the highest level of data security.

The Royal Orthopaedic Hospital in Birmingham, England, one of the largest specialist orthopedic centers in Europe, faced significant cybersecurity challenges. The hospital's IT department, led by Ray Mian and Ajmal Khan, was tasked with protecting patient and healthcare records and the IT infrastructure from ransomware attacks. The stakes were high, as any system downtime could have drastic consequences in the hospital environment. A significant challenge was the lack of visibility in the environment. The team was unable to identify their assets and lacked the necessary tools for visibility, discovery, and analysis to assess their security posture within the organization. This lack of visibility was identified as a key weakness in their cybersecurity strategy.

US Signal, the largest privately held data center services provider in the Midwest, faced significant security challenges in protecting its customers' networks. The company serves seven of the top ten healthcare systems in Michigan, the largest mental health provider in western Michigan, numerous managed service providers (MSPs), and various financial institutions, which necessitates robust security measures. The company had to deal with a range of threats, including phishing and the increasing pace of vulnerability discovery. The company also had to ensure compliance with various security frameworks and regulations, including SOC 2, PCI, and HIPAA. The vulnerability management software US Signal was using previously was not cloud-friendly and required a lot of on-premises infrastructure, making it challenging to manage their vulnerability assessment program.

Neil Johnson, security manager at Evercore, needed a robust SIEM solution to handle user behavior monitoring and provide comprehensive log search capabilities for data analysis. The existing vulnerability management solution managed by a third party was not meeting their requirements, prompting the need for a more effective solution. The primary drivers for selecting InsightIDR included the ability to alert on anomalous user logins and provide detailed log search functionalities. The head of IT was particularly interested in monitoring user activities to ensure that employee credentials were not compromised.

Before 2008, LSCS supported separate campus IT operations at each of its five campuses with distributed IT support services. Then a new CIO joined the college, and within a month, the Lone Star College System had completely centralized its IT services to support a new vision. Associate Vice Chancellor of Technology Services Link Alander explains, “Through that process we had a series of changes and challenges that had to be achieved to improve reliability and security.” While the college had so far avoided any significant security incident or data breach, it understood the need for a proactive security posture that would maintain user trust. It also needed tools to help prove compliance with regulations such as the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA), and other regulations. The LSCS security initiatives are part of 11 strategic technology initiatives, incorporated into the overall LSCS strategic plan for 2009 through 2011. One of its primary security goals is to use ISO 27000 standards as a framework.

Apptio faced a significant challenge in managing the security risks associated with employees accessing corporate data via personal mobile devices. The use of smartphones and tablets for work purposes had increased efficiency but also introduced potential security vulnerabilities. Prior to implementing Mobilisafe, gathering information on connecting mobile devices was a tedious process that did not yield adequate results. The company lacked a comprehensive security policy for mobile device usage, which heightened the risk of data breaches and unauthorized access.

AutomationDirect, a proactive company, wanted to change the security mindset of its IT staff to stay ahead of the latest threats. The company needed to ensure that its IT security practices were robust enough to prevent both internal and external threats. Tim Lawrence, IT security analyst at AutomationDirect, recognized that administrators often prioritize getting systems up and running over security, which could lead to vulnerabilities. After attending the Black Hat convention in July 2010, Lawrence devised a long-term security strategy to address these issues. The goal was to anticipate and thwart potential hackers and eliminate internal oversights that could create inadvertent vulnerabilities. AutomationDirect was not under any immediate known security threat, but the IT security team needed to promote overall security best practices to the entire IT staff to prevent any possible worst-case scenarios.

In 2008, Bob’s Stores faced the challenge of meeting new PCI compliance standards, particularly requirement 11 of the PCI DSS, which mandated regular tests of security systems and processes through internal and external scans. The IT department, led by Nick Sorgio, Assistant Vice President and technology manager, needed a vulnerability management system to meet these standards and protect customer data. The pressure to quickly comply with these new requirements was significant, and Bob’s Stores had no existing vulnerability management system in place. This made finding a suitable tool a top business priority. Bob’s Stores conducted a comprehensive assessment of various vulnerability management vendors, ultimately selecting Rapid7 due to its ability to identify vulnerabilities across networks, operating systems, databases, web applications, and a wide range of system platforms. Rapid7 Nexpose provided the necessary vulnerability assessment scanning and monitoring capabilities to meet PCI data security standards and offered sound vulnerability management practices as part of a comprehensive security program.

Bob Jones, the Information Security Manager for the City of Corpus Christi, Texas, faced the challenge of increasing security awareness across the organization and detecting and investigating attacks more easily. The city’s infrastructure is unique, akin to about 30 separate SMBs operating under a larger parent company, each with different requirements and compliance regulations. Bob's role was multifaceted, involving duties of an analyst, engineer, and penetration tester. He had to change an embedded culture and establish credibility with the CIO and IT Director. The primary challenge was the lack of visibility into assets on the Corpus Christi network, making it difficult to accurately qualify or quantify the level of risk. Bob needed to prioritize remediation to add value and avoid placing a greater burden on the business.

Diebold needed an effective threat exposure management solution that would offer scalability and visibility. Given the pivotal role vulnerability management plays at Diebold, selecting a vulnerability management solution was an important task which the team did not undertake lightly. A main priority for them was the effectiveness of the vulnerability scanner. Diebold needed accurate, up-to-date, real-time data. Scalability was also an important factor; being a global company, they needed the ability to reach around the world without adding administrative overhead.

Securing the Essentia Health network is a complex task due to its multi-billion dollar integrated health system that spans multiple states and roughly one hundred facilities in the Midwest. The network includes fifty thousand IPs, from facilities to medical device equipment. The security team must locate and resolve high-risk vulnerabilities to safeguard patient data and other critical information. Compliance with HIPAA, HITECH, and PCI DSS adds another layer of complexity. Despite compliance, security holes such as weak credentials and improper patches were prevalent. The team needed a solution to perform thorough testing against all active systems and demonstrate risk to secure necessary resources for a vulnerability management program.

Recently, Eyelock set out on a new project: making security airtight for logical access devices. They wanted an external team to take a very close look at their security architecture to implement a design that would allow for access to computers, websites, online banking, and the like. The RFP process kicked off, and the Eyelock team began evaluating various third-party vendors. The top three qualifications were extensive experience with embedded products, a high level of security expertise, and a strong overall reputation within the industry. Through a combination of these factors, Rapid7 won out.

Before Hillsborough County acquired a vulnerability management solution, ensuring that their over 250 servers were secure and compliant proved difficult for ITS’ team of three security engineers. The County’s process was to contract with outside vendors to run periodic vulnerability assessment scans. With new security requirements increasing the need for more frequent auditing, they needed an in-house solution. The County’s security engineers required detailed reports that identified vulnerabilities to be remedied before they could pose substantial risk to the network environment. To evaluate vulnerability management solutions, ITS defined a set of technical requirements against which to measure selected vulnerability assessment scanners. The desired solution would need the ability to perform stealth scans, schedule routine scans, support multiple platforms including Windows and Linux, scan multiple platforms, applications and devices, support unauthenticated and authenticated scans, scan all systems without installing an agent, perform incremental scans, and provide future support for wireless protocols.

When Allen Basey joined MCPHS University over two and a half years ago, he was tasked with developing new security procedures and policies, including comprehensive vulnerability scanning. As the sole person dedicated to maintaining security, he needed to improve the University's overall security posture without being overburdened. Initially, he opted for Tenable's Nessus due to its low cost, but found it required manual scans and lacked critical context for prioritizing vulnerabilities. This made it difficult to get IT support teams to take action, and researching how to patch vulnerabilities consumed valuable time, leading to crucial patches being neglected.

The Nebraska Public Power District (NPPD) faced a complex compliance situation due to various regulatory mandates, including NERC CIP standards, HIPAA, and specific cyber regulations for their nuclear facility. As a publicly powered state, Nebraska's electric utilities are owned by the public, adding another layer of complexity. NPPD needed to ensure robust cybersecurity measures across its 4,000 assets spread over 19 sites, while also addressing the increasing sophistication of phishing attacks. The organization aimed to improve its overall security posture and meet compliance requirements effectively.

With a constantly growing network environment, Norwich University’s IT department found it increasingly difficult to have a clear view into all network equipment and servers—and their vulnerabilities—while still only conducting manual scans.

Permission Interactive, an e-commerce company handling sensitive customer information, faced challenges in meeting PCI compliance standards. Their existing McAfee vulnerability management solution was only helping them 'check the box' for PCI compliance without improving their overall security landscape. A full audit revealed significant gaps in security best practices and overall compliance, prompting the company to seek a more robust solution.