;)
Watch Quisitive Director of Security and Compliance Solutions and Security Office Leader Ed Higgins, along with the CTO of Critical Start Randy Watkins, as they discuss 5 priorities for security teams to reduce risk.
In this on-demand webinar, we'll cover:
- Framework Alignment: Achieving seamless alignment with industry-standard security frameworks is essential to fortify your organization's security posture. Yet, it can be an intricate puzzle that demands your attention.
- Simplifying Security Architecture: Complexity can be your worst enemy in the quest for an efficient, adaptive, and effective security infrastructure. Simplification is the key to unlocking its true potential.
- Endpoint Security: With the rapid rise of remote work and a sprawling network of endpoints, securing each device is paramount. Endpoint security is now your front line of defense.
- Vulnerability Management: In a landscape where threats continuously evolve, identifying, prioritizing, and mitigating vulnerabilities is a perpetual endeavor. The success of your strategy hinges on how adeptly you manage this process.
- 24x7 Monitoring Capabilities: The realm of cyber threats knows no downtime. Establishing vigilant 24x7 monitoring capabilities is no longer a luxury but an imperative for early threat detection and rapid response.
;)
In this case study:
Industry: Professional Services
Products and Services: Spyglass Security and Compliance
Country: USA

Background
An architecture and engineering firm was looking for a way to improve their security posture using the security tools they already owned in their Microsoft tenant. With customers in the public and private sector requesting security compliance assessments and surveys, the firm needed well-defined security procedures to demonstrate a sound and operational security posture.
With Quisitive’s help, the firm’s IT team was able to define clear security and compliance solutions and procedures that aligned with their business needs. Quisitive was able to reduce the number of vulnerabilities and strengthen the firm’s overall security posture to prevent the possibility of future breaches.
Challenge
The firm’s chief information security officer (CISO) and IT team could not always adhere to security compliance assessments and surveys, and they were lacking the time and resources necessary to do an audit of their security landscape. Quisitive conducted an Office 365 security assessment, revealing a number of vulnerabilities, including VIP-level users logged in with impossible travel situations, a high volume of end-user phishing attacks and an excess of admin accounts and shared service accounts. Within one week of Quisitive’s findings, the firm committed to a 3-month Spyglass trial in which the Spyglass team rolled out advanced Microsoft security features.
The firm was then asked to give an update to its board and senior leadership on the status of its security posture the future of its security posture and the steps that were being taken to make improvements. Quisitive helped the firm’s chief information security officer build a progress report in nontechnical terms using Microsoft tools and Spyglass dashboards
Solution
After conducting an Office 365 security assessment and a 3-month Spyglass trial, the firm signed on to Spyglass as a full-time customer. During this time, Quisitive worked with the firm to evaluate their existing security and compliance policies, close security gaps and adopt the National Institute of Standards and Technology (NIST) 800-53 to satisfy customers in the public and private sectors.
Six months after implementing Spyglass, Quisitive helped double the firm’s Microsoft Secure Score, reduce the number of impossible travel events by 50%, reduce the number of unfamiliar login locations by one-third, and automatically remediate over 30,000 phishing attempts.
Quisitive also helped cut global admin and service accounts by 50%, cut sensitive data stored in Office 365 by one-third, cut stale externally shared files by 50%, and reduce the number of files being shared with personal emails to zero. Overall, end-user adoption of new security features increased to over 90%.
When the firm’s chief information security officer was asked to report on the firm’s security posture, he was able to pull key metrics from Microsoft’s Security & Compliance Center and Spyglass dashboards to demonstrate, quarter over quarter, incremental and steady progress and give insight into the near-term risk reduction work that was being done.