XM Cyber Case Studies Enhancing Cybersecurity Risk Management: A Case Study of Plymouth Rock

Edit This Case Study Record

	Enhancing Cybersecurity Risk Management: A Case Study of Plymouth Rock XM Cyber

Enhancing Cybersecurity Risk Management: A Case Study of Plymouth Rock

XM Cyber

Technology Category	Cybersecurity & Privacy - Identity & Authentication Management Platform as a Service (PaaS) - Application Development Platforms
Applicable Industries	Finance & Insurance National Security & Defense
Use Cases	Cybersecurity Usage-Based Insurance
Services	Cybersecurity Services
Challenge	Plymouth Rock Assurance, a leading US insurance firm, has been serving the insurance needs of its American clients for nearly 40 years. Specializing in auto and homeowner’s insurance, the Plymouth Rock group of companies has sustained steady growth and now write and manage more than $1.5 billion in premiums across the Northeast. As a fast-growing company in a tightly regulated industry tasked with managing large troves of customer data, Plymouth Rock places a special emphasis on strong cybersecurity. However, as the company grew, it faced increasing security threats and needed more sophistication and support with identifying threats and prioritizing risk. Despite having a committed team working hard to ensure the company’s critical assets remain secure and utilizing tools from vendors to identify and mitigate threats, the company needed additional support to identify exposures from misconfigurations, vulnerabilities, and human error. Read More
About Customer	Plymouth Rock Assurance is a leading insurer focused mainly on the Northeastern United States. Based in Boston, Massachusetts, the Plymouth Rock group of companies together write and manage more than $1.5 billion in personal and commercial auto, homeowners and umbrella insurance premiums in Connecticut, Massachusetts, New Hampshire, New Jersey, New York, and Pennsylvania. The company has a dedicated IT security team and places a special emphasis on strong cybersecurity due to the large troves of customer data it manages. As a fast-growing company in a tightly regulated industry, Plymouth Rock faces increasing security threats and needs sophisticated solutions to identify and mitigate these threats. Read More
Solution	To address these challenges, Plymouth Rock engaged with XM Cyber. XM Cyber did not replace Plymouth Rock's standard tools but complemented the company’s existing resources. Plymouth Rock deployed XM Cyber’s Attack Path Management platform to strengthen its overall security posture. The platform plays a critical role in identifying critical assets and zones and showing precisely how many steps it would take an attacker to compromise those assets. When the platform indicates an asset can be compromised in five steps or fewer, the Plymouth Rock security team jumps into action and begins working to close the vulnerability. XM Cyber also drew high marks for its integration with the MITRE ATT&CK framework, which allows the platform to closely mimic the tactics of Advanced Persistent Threats (APTs). These sophisticated adversaries can breach a network, move laterally and exfiltrate crown jewel assets while escaping detection. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Identity & Authentication Management

Platform as a Service (PaaS) - Application Development Platforms

Applicable Industries

Finance & Insurance

National Security & Defense

Use Cases

Cybersecurity

Usage-Based Insurance

Services

Cybersecurity Services

Challenge

Plymouth Rock Assurance, a leading US insurance firm, has been serving the insurance needs of its American clients for nearly 40 years. Specializing in auto and homeowner’s insurance, the Plymouth Rock group of companies has sustained steady growth and now write and manage more than $1.5 billion in premiums across the Northeast. As a fast-growing company in a tightly regulated industry tasked with managing large troves of customer data, Plymouth Rock places a special emphasis on strong cybersecurity. However, as the company grew, it faced increasing security threats and needed more sophistication and support with identifying threats and prioritizing risk. Despite having a committed team working hard to ensure the company’s critical assets remain secure and utilizing tools from vendors to identify and mitigate threats, the company needed additional support to identify exposures from misconfigurations, vulnerabilities, and human error.

About Customer

Plymouth Rock Assurance is a leading insurer focused mainly on the Northeastern United States. Based in Boston, Massachusetts, the Plymouth Rock group of companies together write and manage more than $1.5 billion in personal and commercial auto, homeowners and umbrella insurance premiums in Connecticut, Massachusetts, New Hampshire, New Jersey, New York, and Pennsylvania. The company has a dedicated IT security team and places a special emphasis on strong cybersecurity due to the large troves of customer data it manages. As a fast-growing company in a tightly regulated industry, Plymouth Rock faces increasing security threats and needs sophisticated solutions to identify and mitigate these threats.

Solution

To address these challenges, Plymouth Rock engaged with XM Cyber. XM Cyber did not replace Plymouth Rock's standard tools but complemented the company’s existing resources. Plymouth Rock deployed XM Cyber’s Attack Path Management platform to strengthen its overall security posture. The platform plays a critical role in identifying critical assets and zones and showing precisely how many steps it would take an attacker to compromise those assets. When the platform indicates an asset can be compromised in five steps or fewer, the Plymouth Rock security team jumps into action and begins working to close the vulnerability. XM Cyber also drew high marks for its integration with the MITRE ATT&CK framework, which allows the platform to closely mimic the tactics of Advanced Persistent Threats (APTs). These sophisticated adversaries can breach a network, move laterally and exfiltrate crown jewel assets while escaping detection.

Impact #1	The deployment of XM Cyber’s Attack Path Management platform has significantly strengthened Plymouth Rock's overall security posture. The platform has been instrumental in identifying the most urgent, high-risk exposures and providing actionable, prioritized remedial recommendations for security teams. The integration of the platform with the MITRE ATT&CK framework has also been beneficial in mimicking the tactics of Advanced Persistent Threats (APTs), thereby exposing the potential for APT and lateral movement risks. This has reduced the time that would ordinarily be spent working to deter such threats. Furthermore, the platform's ability to show how attacks would unfold under real-world conditions has been praised for galvanizing defenders and giving their work added meaning. The company continues to incorporate XM Cyber into their overall security posture on both on-premise and cloud environments.

Impact #1

The deployment of XM Cyber’s Attack Path Management platform has significantly strengthened Plymouth Rock's overall security posture. The platform has been instrumental in identifying the most urgent, high-risk exposures and providing actionable, prioritized remedial recommendations for security teams. The integration of the platform with the MITRE ATT&CK framework has also been beneficial in mimicking the tactics of Advanced Persistent Threats (APTs), thereby exposing the potential for APT and lateral movement risks. This has reduced the time that would ordinarily be spent working to deter such threats. Furthermore, the platform's ability to show how attacks would unfold under real-world conditions has been praised for galvanizing defenders and giving their work added meaning. The company continues to incorporate XM Cyber into their overall security posture on both on-premise and cloud environments.

Benefit #1	XM Cyber’s Attack Path Management platform identifies critical assets and zones and shows precisely how many steps it would take an attacker to compromise those assets.
Benefit #2	When the platform indicates an asset can be compromised in five steps or fewer, the Plymouth Rock security team begins working to close the vulnerability.
Benefit #3	XM Cyber’s platform closely mimics the tactics of Advanced Persistent Threats (APTs), reducing the time that would ordinarily be spent working to deter such threats.

Benefit #1

XM Cyber’s Attack Path Management platform identifies critical assets and zones and shows precisely how many steps it would take an attacker to compromise those assets.

Benefit #2

When the platform indicates an asset can be compromised in five steps or fewer, the Plymouth Rock security team begins working to close the vulnerability.

Benefit #3

XM Cyber’s platform closely mimics the tactics of Advanced Persistent Threats (APTs), reducing the time that would ordinarily be spent working to deter such threats.

Download PDF Version

Overview

Enhancing Cybersecurity Risk Management: A Case Study of Plymouth Rock

Operational Impact

Quantitative Benefit