Overview

Kudelski Security, a top 20 Managed Security Provider (MSP) in the United States and a leader in the Forrester Wave™, faced challenges with their internally developed solution, Secure Blueprint. Despite its functionality, Secure Blueprint was not future-proof and incurred significant ongoing costs, estimated in the millions, for development and maintenance. The platform's limitations, such as the lack of forward-looking capabilities and the need for substantial staff to enhance the code, prompted Kudelski to seek an alternative solution that could reduce operational costs while maintaining, if not enhancing, their service quality.

Challenges

Increasing Service Volume  |  Elevating Client Deliverables  |  Client Collaboration

Kudelski aimed to offload the financial and operational burden of managing Secure Blueprint without compromising the service quality to their primarily mid-market client base. They also desired to increase the volume of assessments they were completing on a yearly basis without compromising the quality of services delivered, which would improve team productivity and gross margin. Aiming to establish themselves as a trusted advisor for clients worldwide, Kudelski saught to lead their clients in cyber risk assessment, quantification, and remediation efforts.

The firm required a solution that could handle NIST Cybersecurity Framework (CSF) assessments, as over 80% of their client offer the flexibility to assess against additional frameworks. They also wanted a solution with a white-label option, as they wished to elevate the robustness and sophistication of their deliverables from a reporting and dashboarding perspective.

Additionally, Kudelski identified a need for a comprehensive solution that included risk methodology aligned with NIST, CMMI, custom reporting and drill-down capabilities, and multi-tenancy that would allow for client team and decision-maker collaboration across national and international markets.

Solution

Increased Efficiency & Assessment Velocity  |  Multi-Tenant Client Collaboration  |  Custom Reporting & Dashboarding

Kudelski selected CyberStrong to power their comprehensive Risk Management as a Service (RMaaS) strategy, replacing their internally developed Secure Blueprint tool. This strategic move enabled the firm to leverage CyberStrong's advanced capabilities in conducting NIST CSF assessments, flexibility in frameworks and standards, and efficient cyber risk quantification, and remediation methodology. The adoption of CyberStrong significantly reduced assessment times, increased team productivity, and provided detailed, actionable reports that enhanced the value of the firm's work. Furthermore, CyberStrong's ability to generate visually appealing reports and track remediation efforts helped Kudelski become more integral to their clients' cybersecurity strategies by offering solutions to close gaps, track remediations, and measure Return on Security Investment (RoSI) on an ongoing basis, reinforcing their position as the clients' trusted advisor for security.

The transition to CyberStrong for Risk Management as a Service (RMaaS) allowed Kudelski to not only save on the costs associated with maintaining Secure Blueprint but also to enhance their service offering. By implementing CyberStrong, Kudelski is now able to eliminate the time-consuming aspects of their assessment services, thereby increasing the productivity of their team and improving their gross margin. The comprehensive cyber risk management solution provided by CyberStrong, including its support for multiple frameworks, maturity modeling, multi-tenency, and risk reporting, positioned Kudelski as a more valuable partner to their clients, enabling them to offer a full spectrum of cyber risk management services effectively.