Table of Contents
Over the last few months, I’ve had a number of conversations with customers and gained a lot of insight into their challenges and overall cybersecurity strategies. I thought it would be helpful to share those insights and perspectives.
I met with MSPs who strive to meet the needs of their diversified customer base and spent time with Horizon Bank, a financial institution focused on protecting their organization from daily attacks. Here are some of my findings.
Cybersecurity Challenges Vary by Industry, but the End Goal Is the Same
Whether you’re an MSP or a Financial Institution, cybersecurity is a must, and both understand the importance.
From the perspective of the MSP customer, there is a unique set of challenges.
- Cybersecurity solutions tend to be complicated and difficult to deploy.
- Their customers expect to be protected from cyberattacks, and they must be prepared.
- Multi-tenancy cybersecurity management is not enough.
MSPs Lehigh Valley Technology and Kemper Technology Consulting greatly benefit from the simplicity Lumu offers. They have a large volume of customers to look after and our tool makes it easy. Many solutions overly-complicate cybersecurity operations making it a challenge to protect their customers.
The other commonality was that cybersecurity has become increasingly important for both MSPs over the last few years. As threats continue to evolve, small/medium-sized businesses (SMBs) are becoming a bigger target.
SMBs generally aren’t concerned with ransomware and other threats because as Ryahn Toole from Lehigh Technology states “They are assuming you are providing this level of protection, and you have to be able to provide that visibility at scale.” The multi-customer view and incident context for each customer gives them the tools they need to successfully protect their customers.
For both MSPs, the multi-customer view has been incredibly beneficial in terms of daily management. They can manage all of their customers’ cybersecurity needs from a single view which goes far beyond multi-tenancy.
Horizon Bank has a different experience as it is a major target for cybercriminals focused on gaining access to sensitive information. They are incredibly dedicated to securing their members and protecting their employees is equally important. Horizon has a sophisticated cybersecurity practice in place, and they see thousands of targeted threats against their organization every day.
Network visibility has had a significant impact on their overall cybersecurity practice. As Horizon Bank SVP & Senior Technology Officer Joe Henrich states “Lumu detects the things that make it past our early defenses, because Lumu caught it so early on we can isolate the computer and get rid of the problem before it’s able to take more action.”
Operating cybersecurity at scale is the crux of the challenge facing both MSPs and financial institutions. The most critical components required to do so effectively are early detection, simplicity, and quick responses.
Closing the Gap Between Detection and Response is Critical
Our customers understand the importance of ensuring a quick response to malicious incidents. There are two things that play a key role in closing that window of opportunity for the attacker.
Incident Context
If you’re receiving an alert that something is happening, the details matter. Who was impacted? When did this happen? Is this associated with a ransomware precursor? Why is this being flagged as a malicious incident?
Ryahn from Lehigh Valley Technology and Chris from Horizon Bank both found that our incident context plays a huge role in their daily tasks. It answers all of the questions. Each incident comes with its unique attack playbook. This helps them gain a deeper understanding of the attack and techniques used for a targeted response to the incident. When you know what is happening, you’re able to close the gaps in your network.
Simplicity of the Interface
Our customers find Lumu’s interface to be really user friendly, making it easy to operate cybersecurity on a daily basis. We simplify this by only alerting them when something malicious takes place and showing them what they need to know, when they need to know it.
All of their information is easily accessible through the Lumu portal, giving them the ability to manage incidents from one place and providing various options via automated responses and API calls.
They Have the Tools, but Network Visibility Provided an Expanded View
A common theme in all of my conversations with customers was that they have firewalls, intrusion detection/prevention systems, and VPNs, yet they were not enough. Those solutions do find things, but as Joe states “we have all the systems, but Lumu catches the things and alerts on the things that those tools didn’t see.”
Having the ability to monitor the entire network has provided enhanced detection capabilities, finding things they hadn’t seen before. As Joe said “Lumu has on several occasions found phishing attempts that all of the other tools missed. In one of them, we found that the user forwarded the phishing email too.” They were able to quickly remediate this attack that they wouldn’t have seen without that level of network visibility.
Though the threat landscape is always shifting, the one thing that remains constant is that the adversary has to leverage the network to successfully carry out an attack, and Lumu discovers that early on. This is something our customers find to be incredibly valuable.
I enjoyed meeting with our customers and gaining a deeper understanding of their cybersecurity needs and how Lumu plays a role in their daily cybersecurity operation.
Learn More
You can learn more about these conversations with customers by accessing the video case studies here: