Law Enforcement Agency Restores Confidence in Cyber Defenses
This small cybersecurity team is tasked with protecting the organization’s fraud services and all electronic records related to criminal investigations. The team is responsible for ensuring the force can operate effectively and bring offenders to justice so it must be confident that that its security controls can protect the organization in case of attack.
Cymulate gives me the confidence that I know what’s going on in my security stack. It doesn’t just provide me with security validation, it allows me to look over the horizon at the next biggest potential threat.
– CISO
Criminal Justice Relies on Strong Cyber Defenses
This law enforcement organization is responsible not only for local policing but also for significant national crime detection and reduction strategies across various disciplines. Its small cybersecurity team must protect the organization’s fraud services and all electronic records related to criminal investigations. This ensures the force can operate effectively and bring offenders to justice. However, the security team wasn’t confident that its security controls would protect the organization in case of attack because:
The team could not continuously validate its controls While the team conducted its required annual penetration tests, they were manual, limited in scope and provided only a point-in-time assessment.
It was challenging to ensure protection against emergent threats The security team could not independently test its security against new threats in the wild. Instead, it had to ask its IT team to test the controls, taking anywhere from two days to a week before it could determine whether the controls needed remediation.
The team could not keep up with patching its vulnerabilities The team would run vulnerability scans but did not know how to prioritize the long list of critical vulnerabilities that were consistently found.
Like many small security teams, this team first considered outsourcing its security validation and regular testing, but it quickly recognized that this would be costly and wouldn’t give the team the visibility and independence it required. The organization’s CISO began investigating automated security validation tools such as breach and attack simulation (BAS).
The Cymulate Solution
The CISO determined that Cymulate was the ideal solution to empower his team. He reflected, “Back in 2019, we were one of the first organizations in the UK to use Cymulate. I thought the product was very innovative and has continued to meet my expectations. Looking back, I truly appreciate how our security organization has matured alongside the product.”
The security team uses Cymulate to:
Detect and manage drift
“We initially used Cymulate to fine-tune and optimize our security controls. Today, our risk score is very low for each control, so we can focus on managing our drift. Now, we run assessments automatically every week, review the output from the assessments, remediate if necessary and then retest. If Cymulate flags something, we know to address it quickly.”
– Information security manager
Validate against emerging threats
“As soon as I hear of a new threat, I send that information to my team to understand if the organization is exposed. The team often responds that it tested for the threat last week with Cymulate and reports on the steps it took if remediation was necessary. We’re always ahead of the game with Cymulate.”
– CISO
Automate IOC mitigation
“We use the Cymulate automated IOC mitigation capability to enhance and strengthen our security. We also use the platform’s IOC data to strengthen other security products that may not yet have identified those IOCs or hashes.”
– Information security manager
Prioritize vulnerabilities
“Through validation, Cymulate helps us understand which vulnerabilities can be exploited in our organization. This helps us focus our limited resources so we can be proactive and remediate before a threat becomes an actual problem.”
– CISO
Manage and prove investments
“With Cymulate, I have the evidence to direct and manage my resources. For example, if I see a gap, I know where I need to invest more resources to keep our organization safe, and I can show the results of that investment.”
– CISO
Benefits
The security team has embedded Cymulate into many of its security processes:
Independence With Cymulate, the team can independently test its security and run assessments whenever needed without waiting for an annual penetration test.
Increased efficiency The platform’s automation enables the small team to increase its validation activities and strengthen its security posture.
Threat intelligence With continuous updates from the Cymulate Threat Research Group, the security team leverages this threat intelligence within and beyond the platform to bolster their defenses.
