Domestic & General Works With Rapid7 to Operationalize Cybersecurity

The Challenge

Domestic and General is a 110-year old business with an accumulation of systems and dozens of IT processes that have evolved over the years. As the company expands globally and digitizes, their attack surface is growing. The mixed heterogeneous environment creates additional challenges in terms of increased cyber risk. 

D&G’s Chief Information Officer, Phil realized that he needed to enhance the company’s cyber protections and empower the business to own their cyber risk. But D&G was missing a platform that a modern organization needs to ensure it’s protected adequately in identifying risk and threats – in a hybrid environment, at scale and with context. “We needed a modern set of technologies that together would give us observability and proactive capabilities,” states Phil.

The Solution

Phil looked for a cybersecurity partner that would enable D&G to operationalize cybersecurity; to ensure that the department and person in the best position to manage the risk, had visibility into the risk and the tools to address it. “Based on the sheer volume of data, tooling, and accountabilities that were being distributed back into the business, we knew that we needed an advanced, easy-to-use platform to help orchestrate that.”

Domestic and General chose Rapid7’s Platform with InsightVM for vulnerability risk management, InsightCloudSec, cloud risk and compliance solution, InsightAppSec for application security, and Threat Command by Rapid7 to manage external threats. Plus, to supplement their security team Domestic and General chose Rapid’s Managed Detection and Response service. “When we deployed the Rapid7 platform, it gave us a whole load of insights that we didn’t have before.”

Comprehensive and Easy-to-Use

“We identified a number of different tools that would help protect endpoints, the perimeter, and our end-users. But the thing that we needed and where we were quite blind was how you bring all that together,” recalled Phil. “We looked for a toolset that would bring that together in an intelligent way. And that’s where the Rapid7 Platform came on our radar.”

“The ease-of-use and strength of the Rapid7 Platform is significant. It offers a comprehensive, integrated solution with a set of user-friendly tools,” he explained.

“Digesting complicated, fast-moving data is easier. And that’s really important in this world. If stuff is happening, the ability to quickly digest large data sets and figure out what’s real is critical. Rapid7 stood out on that front.”

Expanding Visibility and Ownership of Risk Beyond IT

The Rapid7 Platform is enabling Phil and his team to assign ownership of tasks, actions, and risks to different team members within the organization. As a result, Phil is moving cybersecurity out of the realm of technology and making it a core part of the business processes. It is helping improve resilience across the company.

For example, Phil points out how easy it is for criminals to create spoof websites. There’s literally hundreds with derivatives of the D&G name. And, the team best placed to make a decision on what to do with those websites is our Brand team. Do they want those websites taken down or those domains registered to D&G or deleted from the internet register? It’s not a security or a technology decision. But historically at D&G, the brand team has not been empowered to own this; that fell to the Information Security team to manage.

Now, states Phil, “ the person best suited to manage the risk, will own the risk from a cyber perspective. And, with the Rapid7 Platform , these teams don’t need to be cybersecurity experts. This massively increases the velocity, the productivity of the team. So, there’s definitely a cost saving that comes from not having to build out loads of bodies staring at monitors.”

Phil adds that he receives a lot of compliments about the Rapid7 platform from the business teams because of its ability to take in and present a lot of data in a way that is easy to use and understand. ”People are telling us, Wow, this is great. I never had this way of looking at and managing risk before. I’m more than happy to own it. It’s definitely part of our job.” 

A “Massive” Increase in Productivity

Another winning aspect; the ephemeral single pane of glass. With the Rapid7 platform D&G has one central pane of glass to see where risks are within all the functions, and to make sure each function is mitigating those risks. “From my perspective as the CIO, Rapid7 provides a Platform that amplifies the ability of information security as a central function to be much more informed about that risk,” Phil notes. 

Furthermore, Phil says that single pane has “massively” increased the productivity of the D&G team by bringing contextual data to the severity of an issue. “It’s either a high or medium alert and the tool just quickly says where you need to look. And so far, it’s been spot on. We’ve not had any false positives that have given us any concern.”

“And, Rapid7’s orchestration capabilities are unmatched,” continues Phil. “Rapid7 gives us visibility into a much more dynamic state because the cloud is much more dynamic. So, there’s more risk being managed better because the MDR SOC is able to observe what’s really going on.” 

New Data, Greater Insights

D&G soon learned that with Rapid7, they gained insights from new sets of data, and translated that data in a way that business stakeholders can understand and act on. ”Our appetite for metrics hasn’t changed, but our ability to deliver context  to support the metrics has changed significantly with Rapid7. It’s been modernized. It’s night and day from where we were six months ago and I think it will accelerate over the next six months,” notes Phil. 

D&G always tracked some of the technical metrics, such as the number of DdoS attacks, phishing and malware emails. And Phil notes that in the past, those metrics, which are quite technical, have been relatively easy because you can go into the tools and find those metrics. “But the Rapid7 SOC provides a more well-rounded view of risk allowing us to bring into that portal the metrics around brand, reputational management, and spoof domains. And that allows us to gain a view into the overall cyber risk facing the business.” 

Phil adds that he receives a lot of compliments about the Rapid7 platform from internal users because of its ability to take in and present a lot of data in a way that is easy to use and understand. 

Continuing the Journey with Rapid7

D&G has achieved a lot with Rapid7, and Phil says their company is still on a journey toward the security posture they envision. Phil adds that the Rapid7 roadmap is something they’re leaning on as they head into 2023. “The way Rapid7 builds its business to enable companies like ours to ​​operationalise the management of cyber risks to improve enterprise resilience gives us confidence that this is a really exciting platform that’s going to go places.”