CARE USA Augments Security Posture and Increases Efficiencies With Ingalls

The Challenge

In 2017, CARE USA found themselves facing a major crisis when they discovered that some of their systems had been compromised. 

With the complex responsibility of overseeing globally dispersed offices, staff, and infrastructure, CARE USA’s internal IT Team was tasked with managing information security efforts across multiple locations worldwide. No matter how well you think you're protected, a security breach can still happen even with controls in place, and CARE USA quickly realized their systems were in crisis. By working with Ingalls, CARE USA was able to not only uncover the root cause of the breach, but also identify the vulnerabilities that allowed it to happen in the first place, and ultimately put processes in place to respond to and mitigate any future risks or incidents.

The Outcome

From Crisis to Business Continuity to 24/7/365 SOC Coverage

Even the most seasoned IT teams aren’t always well-equipped to troubleshoot and solve cyber crimes or potential data breaches. When CARE USA realized they were compromised, they needed incident response experts to triage, contain, investigate, and remediate the issue and put controls and processes in place to mitigate and eradicate future threats.

“We'd had some compromised systems and working with Ingalls we were able to determine not only what happened, but what were the gaps that led this attack to be possible,” said Allen Dubsky. “It was kind of an eye-opener for senior leadership here at CARE, but partnering with Ingalls — and with a major effort from our senior leadership team — we were able to take our infrastructure from an almost neglected state to where it is today.”

After the incident response was resolved, CARE USA enabled Ingalls’ MXDR (Managed Extended Detection and Response) services for comprehensive alerting, monitoring, and analysis for every endpoint — greatly reducing the risk of a future incident or breach.

“Ingalls covers all of our endpoints here in the United States, as well as all of our network traffic,” said Allen Dubsky. Speaking to the actionable tickets received from the Ingalls SOC, Allen added, “All of that goes to their SOC where alerts are generated, and then their analysts look them over and create tickets.”

“It was kind of an eye-opener for senior leadership here at CARE. We were able to take our infrastructure from an almost neglected state to where it is today.”

Slow-carb chartreuse vice quinoa, brooklyn everyday carry pour-over kombucha franzen leggings. Food truck banjo thundercats hashtag iPhone, post-ironic sriracha gochujang occupy beard quinoa humblebrag. Flannel gastropub irony authentic tacos. Artisan distillery cray cornhole gastropub kickstarter, man braid hammock sriracha +1 marfa direct trade. Bushwick stumptown gastropub, hammock tilde flexitarian chartreuse biodiesel. Organic flannel dreamcatcher church-key.

A Strengthened Security Program

One of the biggest priorities for CARE USA was ensuring a breach wouldn’t happen again, and one of the critical steps was identifying gaps in their current security strategy. After an assessment by Ingalls’ Professional Services team, it was clear that CARE USA needed help augmenting their current security efforts and the first way to do that was leveraging the capabilities of a vCISO. The role of a vCISO is similar to that of a Chief Information Security Officer (CISO), who is responsible for the overall strategy and implementation of an organization’s information security program, but on a contractual, consultative basis. vCISOs are a cost-effective solution for organizations that don’t have the resources or need for a full-time CISO, or as a way to augment their existing security team. 

The vCISO services helped CARE USA with policies and procedures for vulnerability lifecycle management, cybersecurity end-user training, business continuity, and disaster recovery — all the different things needed to help raise and strengthen their cybersecurity maturity. A critical, real-life use case for the value of a vCISO was clear when CARE USA needed to oversee and manage data for a new office in a different country. 

“We needed to understand where their data was, what type of data we're looking at, what their data procedures were, and where the gaps were from a data protection perspective,” said Allen Dubsky. “And Ingalls was able to provide someone very quickly, and they did a fantastic job.”

A People First, Mission Always Partnership

One thing was obvious to CARE USA from the start: Ingalls was a company that truly did care about their clients. From the first interaction to the long-standing relationship years later, the people at Ingalls are what make all the difference.

“The biggest value at Ingalls is their people,” said Allen Dubsky. “I'm very good at what I do, but I also need help and I feel very confident in the level of expertise that they have at Ingalls. I’ve never had to wait longer than 30 minutes to an hour to get a response from Ingalls — really.”

CARE USA was looking for a cybersecurity partner that would come alongside their existing team to provide cybersecurity overwatch for their IT environment, and they found that in Ingalls. “If I could describe the partnership that we have with Ingalls I would say that we're like teammates,” said Allen Dubsky. “We rely on each other to get the job done. They're very easy to talk to from a person-to-person perspective. They are incredibly intelligent experts in what they do, and they have a level of expertise and professionalism.”