A practical lesson in collaborative security
We have already said it: security takes a village. The sheer complexity of cybersecurity and the relentless attacks facing organizations today make going it alone dangerous for even the most security-savvy organizations.
In a recent blog, we looked at how security requires cross-departmental collaboration and how to foster this collaborative approach. Today, let’s look at a concrete example of it in action.
The power of teamwork in cybersecurity
Many organizations are struggling to keep up despite the ever-changing cybersecurity and compliance landscape. That’s why collaboration, both internal and external, is so important to mitigate risk, address vulnerabilities, and achieve compliance.
Discover our Ebook, Guiding the collaborative approachto find out why collaboration is so critical to safety.
Unlike other approaches, such as Managed Security Service Providers (MSSPs), the advice doesn’t stop there; security teams are not responsible for using the tools themselves to thwart incidents. With a collaborative Managed Detection and Response (MDR) approach, the security partner continuously detects and alerts on incidents and manages them on behalf of the organization and provides constant visibility into its security posture.
In the case of ActZero, this means transforming our security operations center (SOC), painstakingly (and expensively) developed over many years, into our client’s SOC. Provide Technical Account Managers and Virtual Information Security Officer (vCISO) who review security reports, provide strategic support and offer priority advice to help inform security policy.
Cover compliance through collaboration
Almost nowhere is compliance more stringent than in healthcare. This is one of the reasons why the management of one of the largest long-term private companies elderly care American companies have found it useful to strengthen their cybersecurity capabilities and have recognized that they need help.
The organization needed guidance to help it in the massive endeavor of achieving NIST800 and HIPAA compliance. Typically, achieving regulatory compliance can take a full year, given the time and manpower involved, and he wanted a way to meet requirements and improve safety – and fast! She turned to ActZero to improve security through compliance auditing and control mapping and provide insights on how to cover security gaps and avoid exploits.
In addition to expert compliance advice, the ActZero team guided the insurance provider to find and procure tools, such as trackers to map their project framework against cybersecurity maturity model certification (CMMC) regulatory requirements. The organization has documented its efforts towards previous executives, preparing them for what awaits them as the industry transitions to CMMC 2.0. (Check out our webinar if you want to know learn more about CMMC 2.0 and the original framework.)
Adopting a collaborative approach to security has proven invaluable in achieving organizational goals – from seeking external help for penetration testing to working closely with ActZero for security functions and vCISO advice to internal teams in charge of remediation of vulnerabilities and network architecture. When an attack finally took place, this teamwork prepared the organization well. ActZero’s threat hunters were able to immediately detect and assist the insurer and healthcare provider through a DDOS attack, resulting in no downtime and no impact to its customers.
Armed with comprehensive advice and reporting and visibility through the ActZero customer portal, the organization received its compliance certification. With the level of reporting now possible, the organisation’s president – who has advocated for greater security measures – provides the board with frequent reports demonstrating the improved defensive posture and providing them with valuable information to build buy-in at the management level.
Without a team effort, the organization’s journey – simultaneously undertaking a monumental compliance project while improving safety – would have been long, arduous and fraught with pitfalls. Yet, by working with experts, he was able to reach his destination smoothly, while protecting himself and his customers.
Learn more about collaborative security
This is one of many cybersecurity collaboration use cases that can be found in our recent eBook Guiding the collaborative approach. To learn why teamwork is so critical to security, or tips for embracing collaboration, check it out. here.