X

Florida Orthopaedic Institute needed a compliance solution that was both easy to maintain and cost-effective. The organization faced the challenge of ensuring that patient data was secure and protected while meeting various policy and regulatory compliance requirements. They evaluated several vendors, including Splunk, LogRhythm, and Solarwinds, to find a solution that could address their security and compliance needs effectively. The primary concerns were threat detection, incident response, and the ability to share and gain visibility into threats through a unified security solution.

b Spot operates in a highly regulated industry and requires robust security practices to protect personal information from unauthorized access. The company needed a trusted security solution that could be quickly implemented and managed by a small team. During their competitive analysis, b Spot included AlienVault among the top contenders. The decision was influenced by a recommendation from a colleague in the aerospace industry who trusted AlienVault for its security capabilities. After evaluating AlienVault, b Spot decided it was the right fit for their security needs.

When Daniel Santiago first started at the City of Lewiston, he was using Spiceworks’ free software to monitor the network and detect threats. However, the limitations of the free software became apparent when Santiago realized the need for a more robust security solution. The city network required constant monitoring and protection, especially for public Wi-Fi spots and online bill pay services. Santiago and his team, being IT generalists, lacked the time and training to effectively use advanced security tools like Splunk, which required extensive log management and correlation. The high cost of hiring a security operations center analyst and the additional training required for these tools further complicated the situation.

VioPoint faced a significant challenge in providing affordable and effective security solutions to small and medium-sized businesses (SMBs). Initially, their client base consisted of SMBs acquired through penetration testing, but these clients often couldn't afford the upfront investment required for high-end security products from companies like IBM or HP. VioPoint lacked a suitable security solution for this market segment, which led them to search for an alternative. They discovered AlienVault Unified Security Management (USM) and realized that combining its capabilities with their security expertise could offer a cost-effective solution previously only available to enterprise clients. However, selling AlienVault USM to SMB customers presented its own set of challenges. VioPoint needed to not only sell the tool but also effectively market their own capabilities in utilizing it to provide maximum value and security to their clients.

Payment processing technology company CeloPay needed a PCI DSS-compliant solution to monitor security for its AWS-hosted SaaS offering. Manual log reviews were cumbersome, time-consuming, and susceptible to error, making it difficult to produce the required reports for compliance audits. CeloPay needed a way to improve threat detection and compliance for its AWS environment that could scale to meet the needs of a growing customer base. Additionally, when CeloPay applied to become a PCI Level 1 Service Provider, company leaders knew they would need an easier, more reliable way to provide the necessary data and reports to prove PCI DSS compliance.

In early 2015, UW-Superior’s IT team was looking to replace their outdated intrusion prevention system. As a result of budget restrictions, however, they needed to find a cost-effective security solution that would still meet the needs of their large network. Tom Janicki, Technology and Infrastructure Services Director at UW-Superior, was tasked with updating the campus’s intrusion detection system (IDS). However, he soon realized that finding an IDS system at a price that met his limited budget was proving to be a challenge. While researching alternative IDS solutions, Janicki came across AlienVault’s Unified Security Management® (USM) platform. “I read a review in SC Magazine and decided to go through a self-guided demo. Afterwards, I spoke with a sales rep and was floored by the price he quoted,” said Janicki.

In 2015, the Bank of New Glarus faced an impending Federal Deposit Insurance Corporation (FDIC) compliance audit. With less than four months to prepare, Patrick Collins, the lead IT manager, needed to find and implement an intrusion detection tool that would help the bank pass the audit. Collins considered GFI’s LanGaurd and SolarWinds Log & Event Manager (LEM) but found them lacking in certain features and robustness. The challenge was to find a comprehensive and cost-effective solution that could meet the stringent requirements of the FDIC audit.

In early 2015, Bank of Marin’s Security team was looking to increase visibility into their network by adding a Host-based Intrusion Detection System to their existing security program. Over the course of their search, they evaluated a number of popular vendors such as Palo Alto, FireEye, and Carbon Black. Although each of these products seemed capable of meeting Bank of Marin’s need for a HIDS security layer, the team found that the cost of each was too high to justify implementation. Jeff Dalton, the Information Security Officer at Bank of Marin, was in search of a more affordable product. He spoke with a few members of his CISO group, and they recommended that he check out AlienVault’s Unified Security Management (USM) platform. When he did, he realized that USM includes HIDS plus much more than he expected.

Brier & Thorn first began searching for an all-in-one security solution in early 2013 when they were tasked with conducting an incident response investigation for one of their clients. Their client had clicked on a weaponized attachment that led to a Spear Phish attack. This required Brier & Thorn to identify what the hackers had access to in their client's network and if any data exfiltration was occurring. At the time, Brier & Thorn was lacking visibility into their client’s network, so they needed an incident response forensics tool that enabled them to see traffic going in and out of the network.

When Hawaiian Telcom launched Managed Network and Security Services in 2010, they quickly realized the need for a robust security management platform to effectively monitor and maintain network security for their business customers. Their customers, ranging in size and industry, had unique security needs, including compliance with standards like PCI DSS and HIPAA. The company noticed two key trends: the need for a log tracking solution to monitor system access and the rising cost of individual security solutions. These challenges necessitated a comprehensive solution to manage various security aspects, from asset inventory to intrusion detection.

ITA needed to secure the city’s computer infrastructure, which included a large network with several thousand routers and switches, over 500 application and web servers, and mainframes. This infrastructure incorporated financial systems, the LAPD, and critical systems for all departments. Additionally, the agency needed to ensure its systems were compliant with the PCI Data Security Standard (PCI-DSS) due to the presence of ten websites that process credit card payments. The PCI DSS is a comprehensive security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. ITA had to collect and store system logs, between 10,000-15,000 events per second, from all devices that process credit card information, including firewalls and intrusion prevention systems. Budget constraints and limited manpower further complicated the situation.

Chemence, a global polymer manufacturer, faced significant cybersecurity challenges. The company had a small IT team of three people, including the IT Director, Zac Valentine, who was responsible for a wide range of duties including network infrastructure, servers, security, and more. The team was already stretched thin with their responsibilities, and cybersecurity often took a backseat to more immediate concerns. This situation is common among small-to-medium-sized businesses (SMBs), many of which lack an up-to-date or active cybersecurity strategy. Chemence was using outdated antivirus software and a basic Gateway UTM configuration, which left them vulnerable to cyberattacks. Eventually, the company experienced a security breach, which highlighted the urgent need for a robust cybersecurity solution.

In the fast-paced private equity (PE) market, data changes hands at a breakneck speed every day. Consider the types of data that could be passing through a PE firm: proprietary company information, financials, bank account numbers, the list goes on—exactly the type of information hackers want to obtain. Through phishing emails to employees, as well as other ever-evolving methods, hackers pose an unrelenting threat. Statistics show that financial firms are attacked at an alarming rate of 30 times per second. A breach can cost a company hundreds of millions of dollars. Just look to recent headlines about the Capital One breach, for example, with an estimated cost of $150 million to repair the damage done. Trying to mitigate all of the threats, as well as staying on top of cybersecurity trends, can be too much for a small IT team to handle. Some PE firms may only have one person on staff dedicated to cybersecurity, or a resource that is also responsible for other areas within Information Technology. Finding a vendor partner that can truly be an extension of a PE firm’s internal IT team is paramount. A viable option is to outsource a Security Operations Center (SOC)—a service in which a team of dedicated security analysts can detect and analyze advanced attack patterns and alert clients of these malicious threats within minutes.

Stowe Research, a global technology group, faced significant cybersecurity challenges. With a diverse group of clients and sensitive data to protect, the company needed to upgrade its existing cybersecurity measures beyond basic antivirus solutions. The catalyst for this change was a breach experienced by one of their clients, which highlighted the limitations of their current security setup. Business Email Compromise (BEC) was a particular concern, as it involves cybercriminals gaining access to high-profile email accounts to commit fraud. This type of attack is behavior-based and not typically caught by antivirus software. Stowe Research realized that their cybersecurity strategy needed to be more robust to protect against such sophisticated threats.

Many different client accounts that could be compromised. Could be a big payday for a cybercriminal to obtain MSP customer information. Cyberattacks could have huge financial consequences for a business—such as the business ceasing operations.

Financial institutions are frequently targeted by hacking organizations or individuals. The existing solution at the bank was not providing 24-hour monitoring, and there was a need to expand the team’s current skillset with counterintelligence expertise. The bank faced constant threats due to its location in New York City and the number of branch offices it had. The Cybersecurity Manager and his team were using a Network Operations Sensor to monitor their assets, but they couldn’t do 24-hour monitoring. They needed a solution to help look for patterns and take action on them.

The Baker McMillen Company faced a severe ransomware attack that encrypted their servers and halted operations. The hackers demanded an $80,000 Bitcoin payment to restore access. With a small IT department lacking extensive cybersecurity expertise, the company needed a robust solution to quickly resume operations and protect against future threats.

The law firm faced several cybersecurity challenges, including a minimal security staff to manage a vast amount of security data, no around-the-clock monitoring to ensure continuous security coverage, and no communication process to escalate alarms to internal stakeholders. The legal industry is a prime target for cybercriminals due to the sensitive nature of the data they handle, including business capital, trade secrets, and intellectual capital. The four biggest cybersecurity risks for law firms are phishing, ransomware, leaks of sensitive data, and the risk of malpractice allegations due to poor cybersecurity. The firm needed to address these challenges to protect their assets and maintain client trust.

NCR, a global leader in point-of-service technology for restaurants, retailers, and banks, faced significant cybersecurity challenges. With a complex global customer base, a cyberattack could have devastating effects on both NCR and its customers. The company needed a cybersecurity partner that could provide sophisticated, multi-layered protection to keep cybercriminals at bay. Unsatisfied with their current provider, NCR sought a partner that could engage at a high level and ensure smooth, uninterrupted service for their global business customers.

Small security team lacked ability for 24/7 monitoring. The university had invested in a SIEM but needed expert tuning to help cut down on the 'noise' generated by alarms. Information security is of increasing importance at universities, ranking at the top of the list of critical IT issues in the higher education space. A recent survey ranks education at the bottom of the list in terms of industries that are taking proper cybersecurity measures. Thus, universities such as Duquesne are looking for cybersecurity vendor partners that can help keep their information secure.

Financial institutions are frequent targets for cyberattacks due to the sensitive information they store, such as bank accounts and social security numbers. Hackers attempt to breach these institutions at an alarming rate, averaging 30 attempts per second per institution. With limited internal resources and budget constraints, it is often challenging for financial institutions to create and sustain their own 24/7 Security Operations Center (SOC). One of the largest banks in the United States faced this issue, having implemented a Security Information & Event Management (SIEM) system that was unable to provide around-the-clock monitoring. Additionally, the bank's cybersecurity team required advanced training to handle the latest threats in the industry.

NACCO Industries, Inc., a large publicly-traded holding company with a major coal company subsidiary, faced significant cybersecurity challenges. The company had a small IT team with competing priorities, making it difficult to protect critical company data and secure the executive team from cyber threats. The Director of IT Audit & Cybersecurity, Ed Slusarski, needed a Managed Detection & Response (MDR) solution that could serve as an extension to the remote IT department, provide 24/7 monitoring, and proactively search for threats without interfering with individual workstations.

The legal industry faces complicated cybersecurity challenges. Law firms are highly-coveted targets for cybercriminals looking to gain access to business capital, trade secrets, and intellectual property. The biggest cybersecurity risks for law firms include phishing, ransomware, leaks of sensitive data, and the risk of malpractice allegations due to poor cybersecurity. The American Bar Association has issued a formal opinion on attorneys’ ethical obligations to avoid cybersecurity breaches. Lawyers are expected to make reasonable efforts when communicating confidential information using the Internet. Depending on the industry of law firms’ clients, they may be subject to comply with regulations such as HIPAA (healthcare). However, some firms might not have a security staff that can tackle security issues around the clock. A Security Information & Event Monitoring System (SIEM) is a useful tool for monitoring data across a law firm’s network. A SIEM helps keep an organization safe by centralizing data from various network devices, including servers, firewalls, etc., and correlating that data to provide a holistic overview of an organization’s security environment. Alerts are generated if abnormal activity is detected. These alerts need to be reviewed by a person to determine if a threat is present, and then acted on if necessary. To fully respond to SIEM alarms, an organization needs to be staffed for 24-hour support or outsource this work to a Security Operations Center (SOC).

Fitchburg State University was in the process of executing a 5-year Security Plan to align the university with comprehensive IT security and compliance goals, such as PCI DSS, state regulations, and industry best practice initiatives. It was missing an effective security event management solution that could provide alerts and information as well as important insights about the IT environment as a whole.

After an eye-opening security assessment, Mount Wachusett Community College (MWCC) concluded that it needed to boost its security posture and adopt a highly effective approach to log management and the prevention of data breaches.

Gold Star Mortgage Financial Group, Corp (Gold Star) needed world-class IT security services to monitor its extensive network and have the ability to perform regular scans for vulnerabilities in order to build an enterprise-class security program as well as confidently meet industry standards and regulatory laws.

The organization needed better visibility across its rapidly growing network in order to proactively detect possible anomalous behavior as well as an easy and effective way to manage vulnerabilities throughout in vast array of systems and software.

The YMCA of Greater Boston needed to find a scalable IT security solution that could provide improvements to its IT security and compliance posture at an affordable price.

South Carolina Public Charter School District’s (SCPCSD) needed to find a way to confidently reduce the risk of data breaches.

Mission Capital Advisors was seeking a less time-consuming and less complex approach to building a vulnerability management program. It sought to empower its IT staff to react faster to new cyber threats and vulnerabilities throughout its entire network.