Risk Management Firm Employs ControlScan MDR to Safeguard HIPAA-Compliant Data

Managed detection and response partnership provides peace of mind following ransomware attack.

ControlScan MDR Helps Risk Management Firm Protect the Sensitive Data It Collects and Stores

As one of the nation’s leading independent insurance brokerage firms, our client leverages its risk management expertise to specialize in insurance solutions, employee benefits, and health management services for companies in a range of industries. The services the client provides require the collection and storage of large amounts of confidential information, including HIPAA-compliant data.

The Challenge: Finding a Reputable, Cost-Effective and Practical MDR Solution

After falling victim to a ransomware attack, it  became clear to the client’s C-level executives that managing network security internally was no longer a viable option. While highly talented, the firm’s IT team just didn’t have the bandwidth to efficiently secure company data and rapidly detect the ever-increasing number of cyber threats. To stay competitive and protect their client data, they  knew they needed a much more robust defense system. Their ideal managed detection and response (MDR) solution had to be reputable, cost-effective and practical.

The Solution: A Unique "Human + Analytical" Approach

A comprehensive IT risk assessment took into account regulatory requirements and revealed new ways for the client to fortify its network against internal and external threats. Now officially the client’s managed security service provider, ControlScan partnered with their internal team to construct a forward-looking cybersecurity platform.

“We needed a partner that we could trust, and that had the technical expertise to provide us with a multi-tiered approach to security,” said the Chief Information Officer.

The ControlScan MDR approach involved working closely with the client’s IT team to design a system that would alleviate some of the burden on internal resources, allowing analysts and administrators to focus on making core systems available to employees.

“We didn’t say, ‘You’re going to have to stop everything or rip and replace everything you have,’ because that’s not realistic,” said Tom Callahan, Director of MDR Operations, ControlScan. “We spent time understanding the client’s business needs to give them a custom experience that was designed specifically around the client and their security program. We put that in place with real awareness of the team they had, the limitations and the abilities that were there, and attention to their long term objectives.”

At the heart of the client’s solution is ControlScan’s 24x7 Security Operations Center (SOC), where cybersecurity experts capture and compile data from the client’s digital environment—resulting in a level of decision support not possible in traditional monitoring environments.

“ControlScan was able to go beyond just technological solutions, and look deeper into the organization to understand our workflow and our processes.”
-Chief Information Officer

The Result: Security Peace of Mind

The aforementioned malicious attack had dealt a temporary blow to employee productivity for the client, resulting in the loss of about a day’s worth of work—a loss that could have been much larger had ControlScan not intervened. Since partnering with ControlScan, the client has been able to ward off such costly security breaches. Still, the CIO says some critical benefits of the ControlScan partnership are incalculable.

Download Success Story