Berlitz Gains Global External Attack Visibility with CyCognito

Daniel Schlegel, Global CIO for Berlitz Corporation, spearheads IT strategy, security, and data privacy for the organization and its subsidiaries. Schlegel’s team is the company’s first line of defense, keeping the organization operational, safe, and successful in an ever-shifting threat landscape.

Berlitz’s digital infrastructure is complex and has faced challenges identifying and assessing potential security vulnerabilities across its diverse systems and applications. With a history of decentralized operations, Schlegel predicted that unknown and unmanaged assets were hiding in their external landscape.

“Our organization has been around for 145 years, and until recently, a lot of operational functions were decentralized and regionally operated,” Schlegel says. “At that time, anyone with a little budget could authorize a public-facing resource.”

Previously, much of Berlitz’s processes were largely manual and provided insufficient visibility, causing potential security gaps. It took significant manual effort to carry out risk management, vulnerability management, and penetration testing.

This added a substantial operational load for his team, spiraling resource costs as they continually increased headcount to keep pace with their growing external attack surface. This wasted time failed to identify or protect their entire external attack surface.

“We were looking for a platform to automate tasks such as ongoing scanning and proactive assessment of our external attack surface,” Schlegel says. “We wanted to keep abreast of general vulnerabilities and whether they potentially impacted the business.”

Solution

Automation and Proactive Risk Management

Schlegel launched a search for an automated platform to manage external attack surfaces that would unify security practices across decentralized operations. They evaluated several vendors and conducted thorough research.

CyCognito was the clear frontrunner, not only for its robust technology but for the genuine care the team behind the platform showed.

“They showed genuine interest in our success as a customer,” says Schlegel. “The communication was good, and we’ve continued to have good mutual exchanges.”

Berlitz initially ran a proof of concept with CyCognito. The process and the results left them no doubt it was the platform for them.

“We felt comfortable relatively early on with CyCognito,” he says. “The overall approach that was taken and more so the results that we saw even during a proof of concept, there were assets discovered that we generally had no idea about, and so this gave us the confidence that this was the right solution for us.”

CyCognito gave Schlegel and his team complete visibility and insights across its global external attack surface. This was the pivotal ‘aha’ moment for him.

“There was an ‘aha’ moment on a somewhat regular basis; there were findings initially that came out of it,” he says. “We really did not necessarily know the level of detail at this point, and we developed an understanding of what assets and threats may be out there that perhaps we weren’t aware of.”

Benefits

Berlitz Relies on External Attack Surface Management and Exploit Intelligence

A dashboard lays out what systems and assets are at critical risk, where they’re exposed, and how to eliminate that exposure.

“First, we have the visibility, and then the prioritization, so we know week-over-week where we need to focus our time,” says Schlegel.

CyCognito’s Exploit Intelligence gives his team the latest data on how vulnerabilities are exploited and how they map to Berlitz’s security landscape.

“The biggest thing for us is the built-in Exploit Intelligence and the Attack Surface Management; these two key aspects are what emphasize the most,” adds Schlegel.

In the first full year running the platform, CyCognito alerted Berlitz to 140 critical items that needed to be prioritized and remediated.

“I’m pretty sure out of those 140 items, we would have only come across a fraction doing it ourselves manually,” he says.

As a result of their efforts, the number of critical alerts continues to decrease year-over-year. After the first full year of utilizing the platform, the 140 alerts were reduced to nearly 60 in the second year, and last year, they hadn’t even reached 20.

“There was a large number of items to manage at the start, but now that those items are resolved, the number is much smaller,” he says. “The platform's value keeps increasing; it validates our efforts- the smaller the number, the better everything works, and that’s key to us.”

Discovery of Hidden Assets

“In my role, it’s always a concern that we don’t know how deep some scenarios may go,” he says. “But CyCognito gave us a new level of detail and visibility into our assets that we hadn’t experienced before we even discovered other assets that we had no idea about.”

In one example, Schlegel and his team made a high-stakes discovery of an unknown orphan payment gateway used in the early stages of an e-commerce project many years ago. They were able to track down the gateway and shut it down through the vendor that was hosting it.

“We found a number of these types of potential risks from unknown assets. If we hadn’t discovered that, it could have been possibly taken over and repurposed by somebody,” he says. “From a reputation perspective, that wouldn’t have been in the best interest of the organization.”

Unlocks Operational Efficiency and Accountability

CyCognito boosted Schlegel’s teams’ efficiency, optimizing their operations without requiring a significant increase in headcount.

“CyCognito was a force multiplier for our small team, allowing us to do more,” he says. “The automation that is built into the platform means we don’t need to exponentially increase our headcount just to manage our assets.”

Automated workflows and centralized management, enabled his team to focus their efforts based on actual risk exposure to their most critical assets and remediate faster. When vulnerable assets need patching, the platform automatically flows that evidence into Berlitz’s existing tools without any intervention from IT. Support tickets are created automatically when new risks are detected. Tickets are pushed directly to the relevant team’s Jira queue, so Schlegel knows they’ll be resolved in a timely way.

“The efficiency gains were substantial, particularly in remediating vulnerabilities,” says Schlegel. “CyCognito brought accountability and centralized visibility to our assets, enhancing governance.”

Eliminating Unnecessary Services Yielded $100K in Savings Over Three Years

In a specific instance, they consolidated disparate business systems—based on insights from the CyCognito platform—which reduced business costs and improved IT hygiene. Trusted data from CyCognito also led them to shut down numerous assets, strengthening security and saving dollars. This was another ‘aha’ moment for Schlegel.

“When we started shutting things down, we saved several thousands of dollars on a monthly recurring basis, over a number of years, you quickly get into six-digit savings,” says Schlegel.

Schlegel is confident that CyCognito proactively monitors Berlitz’s external attack surface, addressing vulnerabilities and potential threats before they are exploited.

“CyCognito enables us to bring all our external assets under one umbrella, to look at this more holistically and centrally manage what’s happening,” says Schlegel.