Revamping LV=’s Security Infrastructure: A Case Study in Modernization and Risk Mitigation

LV=, the prestigious pension, savings, insurance, and retirement company in the UK, is undergoing a major security overhaul after a stark assessment of its existing security infrastructure. The 180-year-old company, known for its wide range of financial services, realized that its security measures were lacking and hired Dan Baylis as the chief information security and data officer to address the shortcomings.

Baylis discovered several issues with LV=’s security stack, including outdated security controls and a lack of central visibility into the overall security posture. In response, he embarked on a comprehensive revamp of the company’s security infrastructure.

Key steps in the overhaul included the implementation of a breach attack and detection system (BAS) to monitor for security blind spots, continuous security testing, and the adoption of tools like Cymulate for security validation. These changes allowed LV= to actively test for emergent threats and demonstrate resilience against cyber attacks.

Additionally, Baylis chose Axonius for continuous control monitoring and SecurityScorecard for benchmarking LV=’s security posture against industry peers. These tools proved instrumental in identifying and addressing security gaps, leading to a significant improvement in LV=’s security rating from SecurityScorecard.

Looking ahead, LV= is focusing on enhancing the human side of security, with plans for dedicated phishing tests and training for employees to improve security awareness. Baylis emphasizes the importance of cyber resilience and employee education in maintaining effective security measures.

Overall, the overhaul of LV=’s security infrastructure marks a pivotal moment in the company’s journey towards robust and modernized security practices, ensuring the protection of its customers’ sensitive financial information.