Demo of the CyCognito PlatformSee the CyCognito platform in action to understand how it can help you identify, prioritize and eliminate your most critical risks. More...
State of External Exposure Management, Summer 2024 EditionDownload the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024. More...
The Total Economic Impact™ of The CyCognito PlatformRead The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. More...
Eliminating unnecessary services yielded $100K in cost savings over three years.
Gained continuous visibility into the complete external attack surface for the first time.
Automation and centralized management improved efficiency and reduced the need for new hires.
Achieved an 86% reduction in critical alerts in three years, from 140 to just 20.
Daniel Schlegel, Global CIO for Berlitz Corporation, spearheads IT strategy, security, and data privacy for the organization and its subsidiaries. Schlegel’s team is the company’s first line of defense, keeping the organization operational, safe, and successful in an ever-shifting threat landscape.
Berlitz’s digital infrastructure is complex and has faced challenges identifying and assessing potential security vulnerabilities across its diverse systems and applications. With a history of decentralized operations, Schlegel predicted that unknown and unmanaged assets were hiding in their external landscape.
“Our organization has been around for 145 years, and until recently, a lot of operational functions were decentralized and regionally operated,” Schlegel says. “At that time, anyone with a little budget could authorize a public-facing resource.”
Previously, much of Berlitz’s processes were largely manual and provided insufficient visibility, causing potential security gaps. It took significant manual effort to carry out risk management, vulnerability management, and penetration testing.
This added a substantial operational load for his team, spiraling resource costs as they continually increased headcount to keep pace with their growing external attack surface. This wasted time failed to identify or protect their entire external attack surface.
“We were looking for a platform to automate tasks such as ongoing scanning and proactive assessment of our external attack surface,” Schlegel says. “We wanted to keep abreast of general vulnerabilities and whether they potentially impacted the business.”
“CyCognito helped us discover external assets we previously had no idea about; there is no question of the benefit this platform provides to my team members and me.”
Schlegel launched a search for an automated platform to manage external attack surfaces that would unify security practices across decentralized operations. They evaluated several vendors and conducted thorough research.
CyCognito was the clear frontrunner, not only for its robust technology but for the genuine care the team behind the platform showed.
“They showed genuine interest in our success as a customer,” says Schlegel. “The communication was good, and we’ve continued to have good mutual exchanges.”
Berlitz initially ran a proof of concept with CyCognito. The process and the results left them no doubt it was the platform for them.
“We felt comfortable relatively early on with CyCognito,” he says. “The overall approach that was taken and more so the results that we saw even during a proof of concept, there were assets discovered that we generally had no idea about, and so this gave us the confidence that this was the right solution for us.”
CyCognito gave Schlegel and his team complete visibility and insights across its global external attack surface. This was the pivotal ‘aha’ moment for him.
“There was an ‘aha’ moment on a somewhat regular basis; there were findings initially that came out of it,” he says. “We really did not necessarily know the level of detail at this point, and we developed an understanding of what assets and threats may be out there that perhaps we weren’t aware of.”
“The biggest thing for us is the built-in Exploit Intelligence and the Attack Surface Management; these two key aspects are what emphasize the most.”
A dashboard lays out what systems and assets are at critical risk, where they’re exposed, and how to eliminate that exposure.
“First, we have the visibility, and then the prioritization, so we know week-over-week where we need to focus our time,” says Schlegel.
CyCognito’s Exploit Intelligence gives his team the latest data on how vulnerabilities are exploited and how they map to Berlitz’s security landscape.
“The biggest thing for us is the built-in Exploit Intelligence and the Attack Surface Management; these two key aspects are what emphasize the most,” adds Schlegel.
In the first full year running the platform, CyCognito alerted Berlitz to 140 critical items that needed to be prioritized and remediated.
“I’m pretty sure out of those 140 items, we would have only come across a fraction doing it ourselves manually,” he says.
As a result of their efforts, the number of critical alerts continues to decrease year-over-year. After the first full year of utilizing the platform, the 140 alerts were reduced to nearly 60 in the second year, and last year, they hadn’t even reached 20.
“There was a large number of items to manage at the start, but now that those items are resolved, the number is much smaller,” he says. “The platform's value keeps increasing; it validates our efforts- the smaller the number, the better everything works, and that’s key to us.”
“In my role, it’s always a concern that we don’t know how deep some scenarios may go,” he says. “But CyCognito gave us a new level of detail and visibility into our assets that we hadn’t experienced before we even discovered other assets that we had no idea about.”
In one example, Schlegel and his team made a high-stakes discovery of an unknown orphan payment gateway used in the early stages of an e-commerce project many years ago. They were able to track down the gateway and shut it down through the vendor that was hosting it.
“We found a number of these types of potential risks from unknown assets. If we hadn’t discovered that, it could have been possibly taken over and repurposed by somebody,” he says. “From a reputation perspective, that wouldn’t have been in the best interest of the organization.”
“The efficiency gains were substantial, particularly in remediating vulnerabilities. CyCognito brought accountability and centralized visibility to our assets, enhancing governance.”
CyCognito boosted Schlegel’s teams’ efficiency, optimizing their operations without requiring a significant increase in headcount.
“CyCognito was a force multiplier for our small team, allowing us to do more,” he says. “The automation that is built into the platform means we don’t need to exponentially increase our headcount just to manage our assets.”
Automated workflows and centralized management, enabled his team to focus their efforts based on actual risk exposure to their most critical assets and remediate faster. When vulnerable assets need patching, the platform automatically flows that evidence into Berlitz’s existing tools without any intervention from IT. Support tickets are created automatically when new risks are detected. Tickets are pushed directly to the relevant team’s Jira queue, so Schlegel knows they’ll be resolved in a timely way.
“The efficiency gains were substantial, particularly in remediating vulnerabilities,” says Schlegel. “CyCognito brought accountability and centralized visibility to our assets, enhancing governance.”
“CyCognito enables us to bring all our external assets under one umbrella, to look at this more holistically and centrally manage what’s happening.”
In a specific instance, they consolidated disparate business systems—based on insights from the CyCognito platform—which reduced business costs and improved IT hygiene. Trusted data from CyCognito also led them to shut down numerous assets, strengthening security and saving dollars. This was another ‘aha’ moment for Schlegel.
“When we started shutting things down, we saved several thousands of dollars on a monthly recurring basis, over a number of years, you quickly get into six-digit savings,” says Schlegel.
Schlegel is confident that CyCognito proactively monitors Berlitz’s external attack surface, addressing vulnerabilities and potential threats before they are exploited.
“CyCognito enables us to bring all our external assets under one umbrella, to look at this more holistically and centrally manage what’s happening,” says Schlegel.
Berlitz Corporation is a world-leading language and cultural training provider with over 140 years of experience. Using The Berlitz Method, a proven, immersive technique that helps individuals, businesses, governments, and non-profit organizations develop language skills, cross-cultural understanding, and confidence to succeed.
Operating in 70 countries and teaching more than 50 languages, Berlitz tailors programs to each student’s proficiency level and learning preferences, offering flexible online, in-person, or hybrid options.
Discover how Berlitz leverages CyCognito to gain visibility into its external attack surface, enhancing its security and compliance while reducing costs.
Request a personalized walkthrough of the CyCognito platform to see how we can help your company identify all its internet-exposed assets, focus on which are most vulnerable to attacks, and accelerate your time to remediating critical risks.
CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk and how you can eliminate the exposure.
Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. Based in Palo Alto, CyCognito serves a number of large enterprises and Fortune 500 organizations, including Colgate-Palmolive, Tesco and many others.
For more information, follow us on Twitter @cycognito.
Privacy Policy Terms of Service Sitemap