How Pima Community College Strengthened Its Attack Surface Management with FortifyData

Challenge

Pima Community College struggled with comprehensively tracking its entire attack surface comprehensively, leading to vulnerabilities being overlooked and not addressed promptly.

Key Results

FortifyData clearly demonstrated not just the presence of vulnerabilities but also their potential impact and likelihood, making it evident why certain fixes needed prioritization as they were more critical to the risk of the College over others.

Download PDF

Background

Pima Community College, located in Tucson, Arizona, stands as the second-largest community college in the state, serving approximately 11,000 full-time students and over 33,000 unique individuals annually. With a strong focus on workforce development and transfer partnerships with local universities, Pima Community College plays a vital role in higher education in Arizona.

Isaac Abbs, the college’s Chief Information Officer (CIO), who leads an IT staff of around 100, needed a solution that would help the college meet its need for more effective attack surface management that included risk-based vulnerability prioritization.

Challenges

Despite having a range of existing security solutions, the institution recognized the limitations of its approach and sought to bolster its cybersecurity posture.

“We’re fortunate enough to have a lot of really solid solutions. But when we did a security assessment, one of the areas that showed where we could improve on was attack surface management,” said Abbs.

The institution struggled with comprehensively tracking its entire attack surface, leading to vulnerabilities being overlooked and not addressed promptly. Additionally, manual vulnerability management processes were cumbersome and lacked efficiency.

Evaluation and Adoption of FortifyData

The decision to explore FortifyData stemmed from a recommendation by one of the institution’s cybersecurity consultants, noting its capabilities and affordability. Impressed by its capabilities and value proposition during the demo, Pima Community College proceeded to evaluate FortifyData through a proof of concept. This initial trial allowed the institution to experience firsthand how FortifyData could address their cybersecurity challenges. Satisfied with the results of the proof of concept, Pima Community College made the decision to adopt FortifyData, recognizing its potential to significantly enhance their security posture.

“It is mind blowing that FortifyData has knocked off like 7-8 areas. I mean bang for the buck, I have not seen a better product yet. No single tool has
checked off more boxes than FortifyData.”

Issac Abbs, CIO, Pima Community College

Transforming Security Posture: Pima Community College Increases Score by 73% with FortifyData

“We have many top-end solutions, yet we still had a major blind spot,” Abbs recounts. “Major blind spots that those tools aren’t designed to capture. They’re designed for ‘once you get exploited how do you respond?’ We know the name of the game is how do you minimize the attack surface so we’re not getting exploited, that’s the part we were missing.”

FortifyData quickly demonstrated its value by identifying vulnerabilities that had previously been known but lacked immediate attention and was now able to communicate the importance of remediation due to risk based prioritization.

When Abbs introduced FortifyData to his team and others outside of the IT organization, he found it easy to explain the concept of security scoring and its correlation with vulnerabilities. With FortifyData’s comprehensive approach, Abbs could clearly demonstrate not just the presence of vulnerabilities but also their potential impact and likelihood, making it evident why certain fixes needed prioritization as they were more critical to the risk of the College over others.

This newfound emphasis on addressing critical vulnerabilities enabled the institution to enhance its security posture effectively. In just under two months, Pima Community College was able to bring their score up 73% by being able to get a prioritized view of vulnerabilities.

“It’s one thing to have a tool that gives you information that you do nothing with. It’s a whole other thing to bring in a tool that gives you information that you can take immediate action on,” Abbs said about FortifyData.

Moreover, the platform’s user-friendly interface and intuitive design facilitated its seamless integration into existing workflows. Plus, the inclusion of other cybersecurity solutions, like dark web monitoring, has allowed Pima Community College to cover other needs.

“It is mind blowing that FortifyData has knocked off like 7-8 areas, like dark web monitoring, attack surface management, third party, GRC compliance. I mean bang for the buck, I have not seen a better product yet,” said Abbs. “No single tool has checked off more boxes than FortifyData.”

Future Direction

One significant area of focus is expanding the platform’s usage for compliance monitoring and control assessments. The team will soon be aligning with frameworks such as the NIST Cybersecurity Framework as a top priority and other specialized frameworks like HITRUST to address HIPAA (Health Insurance Portability and Accountability Act) requirements.

While FortifyData has already proven instrumental in addressing high-priority vulnerabilities, the college is also considering integrating additional data sources, such asdata from internal vulnerability scanning , to enhance risk assessment and inform decision-making further. Moreover, the potential use of artificial intelligence (AI) within the platform presents exciting prospects, particularly in streamlining remediation processes and enhancing threat detection capabilities. This forward-looking approach underscores Pima Community College’s commitment to staying ahead of evolving cybersecurity challenges and ensuring robust protection for its digital assets.

Fortified Cybersecurity Defenses

“The price point is amazing. It blows my mind what you offer for what you charge,” said Abbs. By partnering with FortifyData, Pima Community College has fortified its cybersecurity defenses and gained valuable insights into its attack surface and more efficiently manages their vulnerability management program. With a robust platform that offers comprehensive vulnerability management and actionable insights, the institution is better equipped to safeguard its digital assets and uphold its commitment to providing a secure learning environment for its students and staff.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Partners

Platforms

Solutions

Industries

Why FortifyData

Company

Partners

Resources