Over-privileged insiders are responsible for numerous data breaches that can affect millions of customers. QOMPLX has the proven solution.
Anthem Blue Cross Blue Shield, the City of San Francisco, Google, and Target all suffered breaches via over-privileged insiders. In Anthem’s case, an employee stole 18,000 members’ health information. In San Francisco, a fired admin locked city records containing email, payroll, and police records. At Google, a former employee left the company with 14,000 documents, including trade secrets on autonomous driving. Target was the victim of a third-party data breach that affected more than 40 million customers.
When a major annuities and life insurance issuer surveyed the landscape and saw the perils, they knew they couldn’t risk the same fate.
The QOMPLX Special Situations Advisory Team built a multipart solution to secure the client’s technology stack that included:
- A 60-day drive-to-zero surge to contain and eliminate all critical/ high/ and medium-rated external vulnerabilities
- A six-month strategic security transformation program to build maturity models, NIST-aligned risk programs, and cyber team capacity
- Ongoing instrumentation and monitoring of critical control infrastructure, to strengthen the client’s active directory
- An economic model quantifying reductions in tail value at risk (TVAR), cyber insurance premiums, and retained cyber risks
The client’s security improved due to the QOMPLX Special Situations Advisory team and proprietary technology that:
- Professional Services team utilized Q:SCAN and OSINT tools to map and eliminated all material external exposures inside of 60 days
- The QOMPLX ITDR suite of solutions including Identity Assurance and Privilege Assurance protected all active directory domain controllers via continuous monitoring and detection for common tactics, including Kerberoasting and Golden Ticket attacks
- Advised the client on a 3-year cybersecurity strategy, uplift, and staffing plan to reduce their financial tail risk in dollar terms by 90%, and their cyber insurance premiums by 60%