SCM Insurance Services has been supporting the insurance and risk management community for more than 30 years with over 200 locations and over 3,000 employees across North America providing claims adjusting, third-party administration (TPA), risk management, investigative, surveillance, risk mitigation, medical services, forensic services (accounting/engineering), and risk intelligence.
Prior to onboarding Cybereason solutions, SCM met their security needs primarily through an outside managed security service provider.
The MSSP had been engaged for nearly three years for detection and alerting when the SCM security team uncovered gaps in threat visibility after routine penetration testing exercises that simulated cyber attacks.
This discovery led the SCM team to undertake a deep-dive examination of their security posture, programs and tools in place.
This analysis exposed the need for an internally-managed endpoint detection and response (EDR) solution, with Cybereason being one of three solutions selected for the evaluation process by SCM.
SCM ultimately decided to implement the Cybereason Enterprise option which combines NGAV prevention and endpoint controls with EDR for deep contextual correlations in real-time across all endpoint assets, as well as engaging in a thorough compromise assessment and implementing Cybereason’s continuous threat hunting managed service.
“The reason why we chose Cybereason was because of our need for comprehensive detection that’s mapped to MITRE ATT&CK, [...] to produce an alert faster[...], and to increase the speed to mitigation,” said Nick LaPointe, Information Security Administrator for SCM Insurance Services.
The Cybereason Defense Platform allows the SCM team to identify threats quickly with a high degree of accuracy through enriched data from all endpoints, leverage fully contextualized intelligence for high fidelity detections that eliminate advanced threats at any point in the kill chain, and remediate automatically or with a single click to kill processes, remove persistence, prevent execution and isolate targeted machines.
After implementation, Cybereason immediately improved the overall tracking of incidences and reporting KPI’s communicated up the internal chain of command, bolstering this key component of an incident response program. Cybereason has increased detections for the SCM team while leveraging the MITRE ATT&CK knowledge base for faster detections, increased situational awareness, and a reduced mean-time to response (MttR).
“It’s like having an actual employee in the environment that actively protects the host. So, while we can’t watch everything all the time everyday, we have full confidence that Cybereason is watching all and is keeping threats in check - it’s a great marriage,” said LaPointe.
“And it significantly reduced our time threat hunting and quickened analysis of weird behaviors in the environment for sure. With Cybereason, from day one you can start building investigations easily with little to no threat hunting knowledge.”
Cybereason is dedicated to partnering with Defenders to end attacks at the endpoint, in the cloud and across the entire enterprise ecosystem. Only the AI-driven Cybereason XDR Platform provides predictive prevention, detection and response that is undefeated against modern ransomware and advanced attack techniques. The Cybereason MalOp™ instantly delivers context-rich attack intelligence across every affected device, user and system with unparalleled speed and accuracy. Cybereason turns threat data into actionable decisions at the speed of business.
All Posts by Cybereason Team
The numbers can’t be any clearer: a DDoS attack costs less than a hundred dollars, while the price tag for mitigating it might reach tens if not hundreds of thousands of dollars. A single well crafted phishing email can easily circumvent cyber defenses which cost millions of dollars to set up. How can we change the extreame cost asymmetry between attackers and defenders in cyberspace?. – check it out...
The MITRE Attack Flow Project is a new way to visualize, analyze and share knowledge about sequences of adversary behavior. Ingrid Skoog, Ass. Director of R&D at the Center for Threat-Informed Defense, and Cybereason CISO Israel Barak discuss the benefits of the MITRE Attack Flow project to Defenders and executives alike - check it out…
