Enhancing Cybersecurity Risk Management: A Case Study of Plymouth Rock
- Cybersecurity & Privacy - Identity & Authentication Management
- Platform as a Service (PaaS) - Application Development Platforms
- Finance & Insurance
- National Security & Defense
- Cybersecurity
- Usage-Based Insurance
- Cybersecurity Services
Plymouth Rock Assurance, a leading US insurance firm, has been serving the insurance needs of its American clients for nearly 40 years. Specializing in auto and homeowner’s insurance, the Plymouth Rock group of companies has sustained steady growth and now write and manage more than $1.5 billion in premiums across the Northeast. As a fast-growing company in a tightly regulated industry tasked with managing large troves of customer data, Plymouth Rock places a special emphasis on strong cybersecurity. However, as the company grew, it faced increasing security threats and needed more sophistication and support with identifying threats and prioritizing risk. Despite having a committed team working hard to ensure the company’s critical assets remain secure and utilizing tools from vendors to identify and mitigate threats, the company needed additional support to identify exposures from misconfigurations, vulnerabilities, and human error.
Plymouth Rock Assurance is a leading insurer focused mainly on the Northeastern United States. Based in Boston, Massachusetts, the Plymouth Rock group of companies together write and manage more than $1.5 billion in personal and commercial auto, homeowners and umbrella insurance premiums in Connecticut, Massachusetts, New Hampshire, New Jersey, New York, and Pennsylvania. The company has a dedicated IT security team and places a special emphasis on strong cybersecurity due to the large troves of customer data it manages. As a fast-growing company in a tightly regulated industry, Plymouth Rock faces increasing security threats and needs sophisticated solutions to identify and mitigate these threats.
To address these challenges, Plymouth Rock engaged with XM Cyber. XM Cyber did not replace Plymouth Rock's standard tools but complemented the company’s existing resources. Plymouth Rock deployed XM Cyber’s Attack Path Management platform to strengthen its overall security posture. The platform plays a critical role in identifying critical assets and zones and showing precisely how many steps it would take an attacker to compromise those assets. When the platform indicates an asset can be compromised in five steps or fewer, the Plymouth Rock security team jumps into action and begins working to close the vulnerability. XM Cyber also drew high marks for its integration with the MITRE ATT&CK framework, which allows the platform to closely mimic the tactics of Advanced Persistent Threats (APTs). These sophisticated adversaries can breach a network, move laterally and exfiltrate crown jewel assets while escaping detection.