The Hamburg Port Authority (HPA), responsible for managing all harbor-related infrastructure for the city of Hamburg, faced significant challenges in securing its vast IT infrastructure. This infrastructure included 350 kilometers of fiber cable, 850 routers and switches, 500 servers in two data centers, and thousands of computers and smartphones running over 600 applications across 63 separate locations. The HPA IT managers identified several security challenges, including over 100 local administrators managing applications without support or follow-up, applications without a designated owner responsible for security or lifecycle management, and a flat network structure focused more on performance and flexibility than security. Additionally, HPA workers were not optimally aware of best security practices, leading to concerns about unidentified network exposures.

Plymouth Rock Assurance, a leading US insurance firm, has been serving the insurance needs of its American clients for nearly 40 years. Specializing in auto and homeowner’s insurance, the Plymouth Rock group of companies has sustained steady growth and now write and manage more than $1.5 billion in premiums across the Northeast. As a fast-growing company in a tightly regulated industry tasked with managing large troves of customer data, Plymouth Rock places a special emphasis on strong cybersecurity. However, as the company grew, it faced increasing security threats and needed more sophistication and support with identifying threats and prioritizing risk. Despite having a committed team working hard to ensure the company’s critical assets remain secure and utilizing tools from vendors to identify and mitigate threats, the company needed additional support to identify exposures from misconfigurations, vulnerabilities, and human error.

Kettering Health, a healthcare network supporting 13 medical centers, over 120 outpatient locations, and more than 30,000 users, was in the process of implementing layered defenses and aligning with NIST security controls when an aggressive rollout of the EPIC Electronic Health Records system fully consumed all IT resources. This resulted in a stall in cyber hygiene activities, leading to configuration drift. The situation was further exacerbated by the COVID-19 pandemic, which forced the IT staff to pivot from routine maintenance to address new security challenges presented by a mobile and remote workforce of first responders. The complexity of the situation, coupled with scarce resources, made it difficult to reestablish cyber hygiene. Limited visibility into the status of security tools, time-consuming manual analysis, and an overwhelmed IT network team further complicated the situation.