Industry: Non-Profit
Driver: Greater Visibility & Stronger Security Posture
Company Size: 18
The Challenge
The National Conference of Insurance Guaranty Funds (NCIGF) relied on a security operations center for continuous monitoring but uncovered critical gaps during multiple audits, highlighting the need for a more reliable, proactive security solution.
The Solution
With Blumira’s user-friendly interface, NCIGF gained improved visibility, real-time alerting, and the ability to create custom detection rules tailored to their specific needs.
“Blumira gave us more visibility into what was going on. We were able to create our own rules, and the interface is better than what we experienced before.”
National Conference of Insurance Guaranty Funds
The National Conference of Insurance Guaranty Funds is a nonprofit trade association that supports property and casualty insurance guaranty funds across the U.S. It coordinates information on insolvencies, provides legal and administrative assistance to its members, and works closely with property and casualty insurance trade associations to address issues affecting state guaranty funds.
The Challenge: Lack of Visibility Exposes Security Gaps
Lee Minniear, Senior Systems Engineer at NCIGF, leads a team of two and oversees all IT operations. He is responsible for implementing and managing IT infrastructure, deploying critical systems, and ensuring the seamless operation of network security and monitoring solutions, including sensor installations and ongoing system performance.
“We've always done a pretty good job of securing ourselves, so we don't get a lot of alerts,” Minniear said, “but we had a few audits on our system, and [our SOC] wasn't giving us any alerts.”
Compounding the problem, their security operations center (SOC) had gradually reduced its service coverage over time. What was once a 24/7 monitoring operation had shifted to a limited five-day-a-week schedule, with only passive alerting on weekends. These changes left NCIGF vulnerable during off-hours, making it clear that their existing SOC was no longer meeting their needs.
“Our SOC made some changes to their policies, going from 24-hour monitoring to five days a week, lowering their footprint. So, it just wasn't going to work for us long term,” Minniear said.
Recognizing these gaps, Minniear began evaluating alternative security solutions. He needed a provider that could offer consistent visibility, around-the-clock monitoring, and proactive alerting.
“[Our SOC] changed their business over time and it stopped working for us. We needed to make sure that we were covered during the off times, and their automatic alerting wasn’t up to snuff,” Minniear said.
The Solution: Enhanced Visibility and Seamless Security Management
Minniear was introduced to Blumira through NCIGF’s contracted CISO, who recommended the platform as a potential SIEM solution to address the growing need for improved security visibility. After transitioning from their previous SOC provider to Blumira, NCIGF gained significantly better insight into their systems. With Blumira, Minniear was able to create custom rules tailored to their specific needs, a feature that was lacking in their previous solution.
“Moving from the SOC to Blumira gave us more visibility into what was going on,” Minniear said. “We were able to create our own rules within [Blumira], and the interface is better than what we experienced before.”
NCIGF evaluated other solutions as well, but found they offered less functionality and visibility. Blumira’s ease of use, intuitive interface, and responsive support team made it the best fit for their security needs.
“[Blumira] fit into what we do without disruption. It had an easier interface, and the support team on the back end was easier to talk to,” Minniear said.
Blumira provided hands-on support throughout the deployment process, guiding Minniear step by step for a smooth setup. The documentation on adding new sensors, including web sensors, was highly effective, and the support team was readily available for any manual configurations. Beyond using Blumira’s standard detection capabilities, Minniear benefited from the ability to build custom sensors and rules tailored to their specific logging and detection needs.
“The deployment of our first sensors on our virtual machines was seamless. Not only are we using the documentation [the support team] identified we needed, but they also helped us build custom sensors,” Minniear said.
Proactive Threat Detection with Custom Alerts
During an Azure audit, NCIGF worked with Blumira to enhance alerting capabilities with a specific detection. Minniear collaborated with Blumira's support team to develop a new detection, ensuring better visibility.
Minniear values Blumira’s alerting capabilities, as consistent notifications provide reassurance that threats are actively being monitored. His team places significant trust in Blumira’s detection rules and ongoing improvements.
“We were able to request a specific detection, and [Blumira] helped us build and configure it to look for specific keywords when logs appear,” Minniear said. “I still receive an alert every day at 8 PM, confirming that nothing has changed based on the custom rule I implemented.”
Additionally, Blumira’s ability to detect suspicious login attempts from other countries has reinforced the importance of real-time visibility into potential threats.
“We put a lot of trust into the rules, and I know you're always refining things. When we became a customer, we placed that trust in Blumira’s hands,” Minniear said.
“Every once in a while, we’ll get an alert that says I tried to log in from another country. Well, I wasn’t there, so it failed. But I know that [Blumira] is working, and I’m being alerted,” Minniear said.
Support Team’s Personal Touch
For Minniear, the decision to transition to Blumira wasn't just about technical capabilities; it was also about the personal connection. Unlike other providers, Blumira offered a level of personable support that made the process smoother and more collaborative.
One of the standout aspects of Minniear’s experience was the ease of communication and support. Whenever he needed to configure an alert or adjust settings, it was simple to reach out to Blumira’s team, who provided valuable assistance in fine-tuning alerts to meet their specific requirements.
“Blumira is more personable. You were nicer and easier to deal with. We weren't going to be just a number, we’re more like a partner,” Minniear said.
Although NCIGF has yet to face a significant security breach or penetration attempt, Minniear expressed confidence in Blumira's alerting capabilities. With the ability to track changes and receive immediate alerts when actions are taken within the environment, he felt assured that if an event were to occur, he would be alerted.
“It's easy to get a hold of you to get a configuration set up if we need something to start alerting,” Minniear said, “your support really helps us build that alert so that it comes across the way we need it to.”
“If something happens overnight, I know that someone's going to either have eyes on it or be able to be contacted,” Minniear said.
“There’s a level of authenticity about your company that we really appreciate,” Minniear said. “It's just kind of like a friend saying, ‘hey man, we got you.’”
Eric Pitt
Eric is a Product Marketing Manager at Blumira focusing on customer research and positioning to continuously improve the Blumira platform.