How Visma Pushes Boundaries With Security Intelligence
July 15, 2020 • The Recorded Future Team
Visma, an Oslo, Norway-based IT and business cloud services managed service provider (MSP), uses actionable security intelligence, customized watch lists, continuous monitoring, and automated alerting from Recorded Future to:
- Drive efficiencies and automation across nearly 350 individual product delivery teams
- Analyze, prioritize, and rapidly respond to threats — while gaining analytical insights to shape risk-based security strategies
- Empower self-reliant teams to embed security into their workflows and make confident security decisions
- Streamline and improve the M&A process to support the organization’s aggressive growth strategy
Intelligence at the Core of Security
As one of Europe’s leading software companies, Visma has a decades-long history of innovation, with acquisitions at the core of its strategy. However, this creates complexity as new teams and technologies come on board. Today, the company is a federation of more than 145 individual companies, 350 product teams, 5,000 developers, and 11,000 employees.
A centralized product security team maintains the highest security standards across all Visma products and oversees this diverse mix of global teams to defend against targeted attacks. That team is also charged with empowering each individual product team with the tools and processes they need to self-manage security across every product.
The central team is led by product security director Espen Johansen — a former ethical hacker, armed forces veteran, data science junky, and experienced security practitioner with a flair for experimentation and research — who believes that when it comes to security, intelligence is the name of the game.
Security Intelligence in Practice
- Why Visma’s plans to build an in-house cyber threat intelligence platform changed after they discovered Recorded Future
- How the way Visma handled a highly targeted attack became a playbook for rapid response, industry collaboration, transparency, and intelligence maturity
- How hundreds of teams within Visma use Recorded Future to monitor and prioritize relevant threats
- Flexible use cases for security intelligence — from surfacing security risks like typosquat domains, to streamlining M&A due diligence, to gaining deeper insights on threat actors’ motivations and actions
“Recorded Future empowers teams with accurate, actionable intelligence when there’s something to report that presents real risk. And just as important, it’s silent when there’s nothing to report,” says Johansen.
Leading with security intelligence is all about empowerment. “We’ve flipped traditional security on its head,” explains Johansen. “By taking a bottom-up approach that delivers integrated, actionable intelligence into team workflows, the attention to security becomes embedded in team culture.”
Read the case study to learn more about Visma’s security intelligence journey with Recorded Future.