New: Threat Exposure Validation Impact Report 2025
Learn More
Join our Summer Webinar Series on Threat Exposure Validation
Register Now
Come meet us at Black Hat USA 2025 | Booth 1640
Book a Meeting
Book a Demo
Book a Demo
CUSTOMERS

Non-profit Increases Financial Efficiency and Strengthens Cybersecurity Defenses

Overview
industry
Non-profit
HQ
UK
Company Size
850+ employees
Jump to
Balancing Tight Budgets and Growing Cyber Threats The Cymulate Solution Benefits Plans for the Future Solution
Want to Learn More?
Download PDF
Results
  • Saved £80K with less expensive, on-par XDR
  • Increased visibility of its cybersecurity
  • Improved testing against emergent threats

Cymulate is the cyber safety blanket we all need. It provides tangible proof that your efforts are actually protecting your organization and contributing to improving your security posture.

- IT Security Manager

Balancing Tight Budgets and Growing Cyber Threats

With over 850 employees serving 40,000 customers and 20,000 homes, whg takes seriously its responsibility to protect its customers' personal data. The goal was to improve its cybersecurity while managing its budget, so it began a Security and Stability Program. Within this program, the board tasked its one-person security team with evaluating its security controls and ensuring that they were the best fit for the organization at the best value. 

The IT security engineer could not accomplish this with monthly vulnerability scans and annual penetration tests, so he searched for an alternative solution. 

The Cymulate Solution

After evaluating multiple security validation tools and testing their ability to compare security control vendors in a simulated environment, whg decided that Cymulate best fit its needs. The IT engineer reflected, “We chose Cymulate because it allows us to test the market, extensively validate our security controls and understand what an attacker sees when looking at our organization from the outside.” The proof of concept and onboarding process with Cymulate was seamless and easy, and whg was able to start benefiting from the platform almost immediately.   

The IT engineer explained that he uses Cymulate for: 

Evaluating and validating new security controls 

“Since purchasing Cymulate, we've procured a new endpoint, email gateway and web gateway. Before buying these controls, we determined how effective they would be in our environment in real-world scenarios, and we did not have to take the vendor’s word for it. Cymulate has become an integral piece of our security toolkit. It also helps us validate that our security controls work how we expect them to.” 

Making value-driven decisions 

“When evaluating XDR vendors, Cymulate helped us understand that the less expensive option functioned better in our infrastructure than the go-to alternative. With Cymulate, we can ensure the best return from our investment across the entire business. We saved £80k on this one purchase, something especially appealing to a non-profit like us because any savings on cost overhead creates an opportunity to pass these savings on to our customers.” 

Testing against emerging threats 

“We are all familiar with that situation when your board sees a ‘famous’ attack in the news and asks you if the company is protected from it. With Cymulate, by the time the board even gets to us, we have already tested for the threat and can report any patches that were made or need to be prioritized.” 

Managing and detecting drift 

“After using Cymulate for about nine months, we know that our controls are configured properly, and today, we mostly detect and manage drift with the platform. If we are alerted to an increase in our Cymulate risk score, we prioritize according to the platform’s findings and remediate immediately. There have been a few situations where we needed to drop everything to remediate, and we wouldn’t have been aware of it without Cymulate.”  

Benefits

  • Enhanced security
    The security team no longer relies on annual penetration tests to validate its security because it can independently run ad hoc validation assessments. Additionally, the team can remediate and run the same assessment to determine whether its efforts were successful.   
  • Increased efficiency
    Using Cymulate, the one-person security team can automate manual tasks and run more assessments.
  • Better visibility
    Cymulate extensively tests each of whg’s attack vectors to show whether its controls can protect it, a dimension of security validation that penetration tests and vulnerability scanners do not deliver.  

Plans for the Future

Since purchasing Cymulate, the IT security engineer has been promoted to IT security manager and has two colleagues reporting to him: an IT security engineer and an IT security analyst.  

whg is undergoing a digital journey to include AI in its applications, so it needs to ensure that its data remains secure and that its network architecture won’t leave it vulnerable to attack. To do so, the security team will use the Cymulate automated network penetration testing capability to assess against lateral movement and strengthen its defenses.  

Solution

  • Breach and attack simulation
  • Automated network penetration testing 

Find out what we can do for you

See how Cymulate can help you balance tight budgets while ensuring your organization is safe from cyber threats.

Book a Demo

Read More Customer Stories

image
CUSTOMERS

Globeleq Automates In-House Validation

Power company's small cybersecurity team adds ongoing security validation between pen tests.

Read Case Study
image
CUSTOMERS

GUD Holdings Limited

Discover how GUD implemented Cymulate and established cyber metrics across 17 subsidiaries.

Read Case Study
image
CUSTOMERS

Large Insurer Goes Beyond BAS

Learn why this company replaced its breach and attack simulation tool with Cymulate.

Read Case Study

GET A PERSONALIZED DEMO

Ready to see Cymulate in action?

Book a Demo