Plymouth Rock Assurance has served the insurance needs of its clients for over 40 years. Specializing in auto and homeowner’s insurance, the Plymouth Rock group of companies has sustained steady growth and now write and manage more than $1.5 billion in premiums across the American Northeast.

As a fast-growing company in a tightly regulated industry tasked with managing large troves of customer data, Plymouth Rock places a special emphasis on strong cybersecurity.

The Challenge:

Plymouth Rock has a committed team working hard to ensure the company’s critical assets remain secure. To accomplish this, the team utilizes tools from vendors to identify and mitigate threats. XM Cyber has played a significant role as Plymouth Rock enhances and continually invests in security protection.

Before deploying XM Cyber, Plymouth Rock used vulnerability scanners, antivirus software, and other tools to safeguard critical assets. However, as the company grew it faced increasing security threats and they needed more sophistication and support with identifying threats and prioritizing risk. To address these challenges, the team at Plymouth Rock engaged with XM Cyber. XM Cyber did not replace these standard tools but complemented the company’s existing resources to identify exposures from misconfigurations, vulnerabilities, and human error.

The Results

Plymouth Rock deployed XM Cyber’s Exposure Management platform to strengthen its overall security posture. Company leaders say that XM Cyber plays a critical role in identifying critical assets and zones and showing precisely how many steps it would take an attacker to compromise those assets.

When XM Cyber’s Continuous Exposure Management platform indicates that an asset can be compromised in five steps or fewer, the Plymouth Rock security team jumps into action and begins working to close the vulnerability. Company executives credit XM Cyber with identifying the most urgent, high-risk exposures and providing actionable, prioritized remedial recommendations for security teams.

XM Cyber also drew high marks for its integration with the MITRE ATT&CK framework, which allows the XM Cyber Exposure Management platform to closely mimic the tactics of Advanced Persistent Threats (APTs). These sophisticated adversaries can breach a network, move laterally and exfiltrate crown jewel assets while escaping detection.

Plymouth Rock credits XM Cyber with exposing the potential for APT and lateral movement risks and reducing the time that would ordinarily be spent working to deter such threats. Company executives also recommend XM Cyber’s ability to show how attacks would unfold under real world conditions — something they say galvanizes defenders and gives their work added meaning.

Plymouth Rock At-A-Glance:

• Eliminate guesswork with context-based prioritization
• Neutralize advanced threats before they move
• Improve operational efficiency through “Dead End” detection

Working Toward a More Secure Future with XM Cyber

An organization the size of Plymouth Rock generates a long list of tasks to assist in mitigating security risks. This means that smart, streamlined prioritization is a key objective. Plymouth Rock leaders say that the platform makes this process much faster and easier. Instead of devoting significant work hours to scope these risks, the team relies on XM Cyber to help with prioritization based on risk analysis.

Plymouth Rock continues to incorporate XM Cyber into their overall security posture on both on-premise and cloud environments. Company executives say that XM Cyber’s ability to go much deeper into threat analysis is a key differentiator. Unlike other tools, XM Cyber can identify hidden vulnerabilities that can exploited by highly sophisticated attackers.