SecurityScorecard takes on continuous monitoring for a global nonprofit organization
The Challenge
This large, multinational nonprofit was founded by a group of non-government independent organizations in the mid-1990s to fight poverty around the world. Over the decades, the organization has grown to work in 70 countries across 21 of its member organizations and now distributes funds to over 19 million people worldwide. With such a broad global reach, employee-based security is top of mind.
Before engaging SecurityScorecard, the company performed its own security management by using SecurityScorecard’s ratings platform, along with other internal security management solutions. Given the nonprofit nature of the business, the organization felt that the existing internal solutions did not sufficiently safeguard its operations.
With the customer’s expanding and changing global footprint, SecurityScorecard’s response capabilities were key because incidents were validated, triaged, and assigned a severity level by the SecurityScorecard team.
The Solution
The customer engaged SecurityScorecard to conduct a vulnerability scan and penetration test to understand its existing security posture and level of vulnerability. While the customer had not experienced any breaches, it was evident that they needed help with continuous monitoring and triage of high-vulnerability events. With the customer’s expanding and changing global footprint, SecurityScorecard’s response capabilities were key because incidents were validated, triaged, and assigned a severity level by the SecurityScorecard team. The customer was then notified of the high and critical incidents that needed immediate action.
As part of the engagement, SecurityScorecard also helped the customer with vulnerability scanning to ensure that any other AWS instances deployed across the organization were secure.
General Info
CompanyNot for Profit Company |
IndustryNon-Profit |
Employees7,800 |
HeadquartersN/A |
Products UsedSecurityScorecard Ratings |
Use CasesSelf Monitoring Compliance Penetration Testing Ransom Remediation |
Why SecurityScorecardProvides reliable and accurate data and manages services required for ongoing monitoring and compliance.
|
The Results
With a combination of continuous monitoring and quarterly deepdive reviews, the organization has not experienced any cyber breaches. They were cognizant of the fact that some organizations had made missteps while managing their globally-federated enterprises, and wanted to avoid issues with federated security. SecurityScorecard delivered peace of mind to the staff by enabling them to secure their data and critical business systems.