Prime Insurance Company: Strengthening Cybersecurity Posture

Achieving a 40% Improvement in Threat Prevention Results with Picus

Industry: Insurance

THE CUSTOMER

Prime Insurance Company specializes in providing insurance solutions for hard-to-place and declined risks, offering fast and flexible underwriting with a partnership-driven approach. With over 30 years of experience, Prime Insurance Company is renowned for its expertise in specialty liability, property and casualty insurance, and professional liability cover.

JD Brown, Chief Information Officer, is responsible for the overall management and implementation of information and computer technologies and cybersecurity. Marc Mitchell, Director of Information Technology, is a part of Brown’s organization and is responsible for supervising IT and security operations.

Brown underscores a crucial aspect of cybersecurity: it’s not just about data breaches or reputational damage, but about maintaining operational continuity. With a steadfast focus on rapid threat detection and system availability, Prime Insurance Company is committed to safeguarding its vital services. To improve their defenses, they turned to the Picus Security Validation Platform, starting their journey toward a more proactive approach to reducing risk and maintaining a resilient cybersecurity posture.

THE CHALLENGES

Ineffective Traditional Security Assessments

Prime Insurance Company faced a challenge with traditional security assessments, as these methods proved insufficient for their needs. Mitchell emphasized the limitations of yearly manual penetration tests, noting the varied findings resulting from different approaches. Despite prompt remediation efforts, the recurring nature of annual tests with new testers and new testing methodologies presented difficulties, as it was impossible to anticipate every potential attack.

Knowing Existing Security Controls are Working Well

Prime Insurance Company encountered difficulties in optimizing existing security controls and prioritizing security measures due to its relatively small IT team. “Prioritization is crucial,” emphasizes Brown. “Our focus is on identifying security measures that offer the greatest value. That’s why we need to address any low-hanging fruit or obvious vulnerabilities quickly while also focusing on addressing significant threats and gaps,” he adds. Meanwhile, Mitchell stresses the significance of testing the configurations of their security tools to ensure alignment with their desired state and maintain the integrity of their security infrastructure.

Maintaining Awareness of Evolving Threats

Staying updated on potential threats posed another challenge for Prime Insurance Company. Brown explains that despite their substantial investment in security tools, the rapidly evolving nature of threats necessitates constant awareness to keep them validated and optimized. Recognizing the importance of continuous validation from external threats, Prime Insurance Company emphasizes the need for ongoing threat awareness and swift action to mitigate risks without draining excessive resources.

Partnership with Ridge IT Cyber and Introduction to the Picus Platform

Brown explains that Prime Insurance Company first learned about the Picus platform from Ridge IT Cyber. “We closely collaborate with Ridge IT Cyber, relying on their security expertise and recommendations. Essentially, they are one of our trusted cybersecurity partners” says Brown.

He highlights Ridge IT Cyber’s in-depth understanding of Prime Insurance Company’s cybersecurity goals and their recommendation of products aligned with Prime Insurance Company’s approach. Perry Schumacher, Chief Strategy Officer at Ridge IT Cyber, introduced Picus and its Breach and Attack Simulation technology to help Prime Insurance Company consistently validate its defenses against the latest threats. “Picus provides the ongoing defense testing we need as we try to stay ahead in today’s ever-evolving threat landscape,” JD Brown explains. In addition to conducting annual pen tests, Prime Insurance Company opted for Picus due to its ability to continuously evaluate defenses against evolving threats.

“Our decision to choose Picus stems from the urgent need to stay ahead of rapidly evolving threats. It provides us with real-time insights into active threats and allows us to assess our defense capabilities and validate our remediations effectively.” – JD Brown

THE RESULTS

Improved Security Validation with Continuous Assessment

Traditional security control assessment methods, which focus solely on identifying system or network vulnerabilities or repeating typical attack scenarios across different engagements by the same professionals, were insufficient for Prime Insurance Company. They turned to Picus to achieve a consistent approach to security validation.

“The Picus platform serves as a crucial validation tool that helps us understand whether our implemented security controls and defenses are functioning as intended. Additionally, it assists in identifying any unforeseen changes or vulnerabilities. Picus functions akin to an ongoing, continuous pentest – providing a second set of eyes on our security posture,” explains JD Brown.

Enhanced Prioritization and Resource Allocation

Given their relatively small team, Brown highlights the fact that the Picus platform empowers Prime Insurance Company to prioritize effectively. By providing signatures and detection rules, Picus enables Prime Insurance Company to assess the potential impact of implementing security measures on its overall security score. This insight allows them to allocate resources strategically, focusing on actions that will yield the greatest improvement in their security posture. “With Picus providing insights into the impact of these measures on our security score, we can make informed decisions about where to allocate our cybersecurity resources for optimal results,” says Brown.

Enhanced Threat Visibility and Defense Evaluation

Recognizing the dynamic nature of cybersecurity threats, Prime Insurance Company understands the critical importance of staying ahead of evolving risks. They chose the Picus platform as their solution, driven by its ability to provide real-time insights into active threats and effectively assess defense capabilities. “Our decision to choose Picus stems from the urgent need to stay ahead of rapidly evolving threats. It provides us with real-time insights into active threats and allows us to assess our defense capabilities and validate our remediations effectively,” says Brown.

In the past year, Prime Insurance Company has achieved remarkable progress in refining its simulation outcomes. Within a 12-month period, they increased the number of simulated threats in their environment from 130 to 2206 and increased their prevention score in the process – from 45% to 85%.

CONCLUSION

Taking Security Validation to the Next Level: Unveiling Security Blind Spots with Picus Attack Path Validation

Initially, Prime Insurance Company utilized Picus Security Control Validation (SCV) and later decided to deepen its validation program further by also leveraging Picus Attack Path Validation (APV).

“APV has been an eye-opener for us,” says Marc Mitchell. “It has changed the mindset of the team.” He explains how APV has significantly impacted their perspective on cybersecurity, helping them to adopt more of an assumed breach mindset by understanding what an attacker could do if they obtain credentials. Initially, it revealed potential vulnerabilities despite their focus on patching and firewall adjustments. The tool has shifted their mindset, particularly among his team, by demonstrating the real-world implications of credential theft and the potential actions attackers could take within their system. This shift has led them to prioritize minimizing the blast radius of potential attacks and adopting a zero-trust model, questioning overly permissive administrative rights, and aiming for a more cautious approach to security.

“APV has truly revolutionized our approach to cybersecurity. It’s like shining a spotlight on the blind spots we didn’t even know we had.” – Marc Mitchell

Mitchell further expressed his surprise during the initial testing at how easily APV could bypass their configured security controls, despite adhering to the best practices recommended by security tool vendors. He mentioned that they implemented configurations based on recommendations from other products but were shocked to observe how swiftly the APV tool circumvented these controls. This highlights the tool’s effectiveness in identifying weaknesses in security configurations and emphasizes the importance of comprehensive ongoing security testing beyond standard vendor recommendations.

Strengthen Your Active Directory Security

Regular evaluation of Active Directory security is essential, as attackers with domain admin privileges can compromise an organization’s systems, users, and data.

Picus Attack Path Validation identifies and eliminates the shortest attack paths to Active Directory, bolstering network security and reducing the likelihood of breaches causing significant business disruption.

Click here to learn more about how Picus can help your organization or request a demo to experience Picus in action.

#CaseStudy #Insurance