How Norwich Stays Always-On: Cyber Defense That Lets a City Sleep at Night

When your city’s police and fire departments never clock out – and they don’t – neither should your cybersecurity. After all, cyberattacks are no less criminal than arson or a mugging. And often with a bigger blast radius. 

That was the challenge for Raymond LaRose, who runs IT for the city of Norwich, Connecticut. Norwich is technically a small city – just 40,000 residents. But it felt enormous to the three-person IT team that supports 17 departments, from public safety to public works, without a dedicated security staffer.  

Rapid7 offered a shared mission, not a mysterious, expensive black box

When evaluating vendors, Raymond wasn’t looking for another, traditional outsourced service that would take over his data or processes. He wanted transparency and collaboration — a partner who would share access and responsibility, not take control.

That shared visibility became a differentiator. In fact, Raymond says it was the deciding factor. 

Norwich can investigate alerts, enrich data, and even use automation for IT workflows. Monthly check-ins with a dedicated Cybersecurity Advisor help keep projects prioritized and aligned, something Raymond says is invaluable for a small, fast-moving team. “It’s like having someone remind me what to keep at the top of my list — those little things that can slip through the cracks when you’re juggling everything else,” said Raymond.

Rapid7 caught an account takeover attempt during onboarding, before going live

The value of the partnership was proven almost immediately, as Rapid7’s Managed Detection & Response Service began deployment across the city’s complex environment. Rapid7’s SOC detected a suspicious login attempt: a user had received a malicious email and unwittingly shared their MFA code. Rapid7 alerted the team by email and phone, providing clear, actionable next steps.

Within minutes, Norwich disabled the account, investigated the activity, and confirmed the threat was contained.

It was all in one quick alert: what happened, who it was, and what to do next,” said Raymond. “We moved fast and stopped it before anything else happened.”

That early success delivered confidence that things were working exactly as intended.

Norwich also saw that Rapid7 was customer-first, even before you’re a customer. “All of our questions were answered honestly and in plain language,” said Raymond. “It didn’t feel like we were necessarily being sold a product. It felt more like we were both looking to see if Rapid7 fit what we were looking for in terms of a partnership, as opposed to just trying to sell us something,”

Big, medium, or small, cities don’t sleep – and we’re on watch.

Today, Norwich’s small IT team has full visibility across its environment - Microsoft 365, multiple Active Directory domains, and endpoint telemetry – without sacrificing control. Rapid7’s SOC monitors threats continuously, while Raymond and his team use the same tools to manage investigations, parse firewall data, and refine security policies.

Getting a better night’s sleep. Rapid7 is there for that.