Connect Cause

Connect Cause is an IT and voice over IP managed services provider that specializes exclusively in providing IT/IS and VoIP services for the non-profit community.

The Challenge: Helping Nonprofits Meet HIPAA & PCI While Bolstering Cybersecurity Hygiene

As CISO (Chief Information Security Officer) for Connect Cause, Aaron Cervasio helps provide enhanced cybersecurity services for their nonprofit, SMB customers across many different verticals. Many of these organizations need to meet regulatory compliance requirements like HIPAA and PCI DSS.

“As cyberthreats become more prevalent and impactful, and as compliance dictates additional requirements, more advanced measures are being taken to safeguard these organizations,” Cervasio said. “I have to be on the lookout for products and services to help our customers, as they look to us to tell them what to do.”

Initially many years ago, Connect Cause partnered with Blackpoint Cyber when they were just starting their journey into cybersecurity. They came as a referral from their existing endpoint provider.

“We don’t want to just be an MSP that offers cybersecurity services. MSPs that have true expertise and a full understanding of infosec are so much more complex and more in depth than, let’s throw in a couple extra services,” Cervasio said. “Most organizations don’t realize that or don’t want to think about infosec being that different from IT support. But those things are wildly different, and we wanted to shore up our own expertise internally.”

Cervasio soon realized that Blackpoint Cyber was insufficient for what they had envisioned for the cybersecurity services part of their company.

“Cybersecurity isn’t a one-stop-shop solution; you don’t just install it and forget about it because someone else is doing the monitoring for you,” Cervasio said. “We came to realize we need to build a suite of solutions with intention that really cover the capabilities that organizations need for regulatory compliance and good cybersecurity hygiene. That’s what led to us rethinking what we‘re selling and why we’re selling it.”

The Solution: Easy-to-Use SIEM + XDR Platform That Shows Security Value to Customers

Cervasio found Blumira’s name and website on Google and Reddit forums during his research on SIEM and SOAR products, as he was looking for a unified solution for both MDR and SIEM in one.

“Blackpoint Cyber had no SIEM or aggregation of log data that was immutable that I could go and see what had happened over the last year. It’s an MDR product, but it’s not collecting log data and keeping it,” Cervasio said.

He came across some larger names in the market, including Crowdstrike and Rapid 7 that did seem to have those capabilities, but they often failed to get back to him when he tried to talk to their sales teams and were priced out of their range.

“With Blackpoint Cyber, it was crickets – we heard nothing from them, ever. They never sent a report and only once in a year did they ever reach out to me. If we’re going to be an MSP with expertise, we can’t rely on some random third-party SOC to interpret this information on our behalf. We have to look at the event and determine if it’s actionable or not.”

The lack of communication and responsiveness pushed Connect Cause to seek a different cybersecurity partner.

“When it comes to Webroot and Blackpoint Cyber, your requests kind of go to blackholes; we had to manually follow up multiple times. Our struggles dealing with that pushed us to find another solution – one that is easier for a team of analysts to manage, market and sell to our customers,” Cervasio said. “Blumira is very responsive; I would always get a response from your team whenever I would email them. As I learn more about the platform, I have to rely less on your team.”

Blumira’s team provides 24/7 SecOps support for critical priority issues, as well as dedicated onboarding and ongoing sessions to ensure security success.

“I’ve been very pleased with Blumira as a partner, product and service,” Cervasio said.

Responsive Team + Intuitive Platform With Actionable Alerts

Replacing Blackpoint Cyber with Blumira’s SIEM + XDR made a major difference, and gave them access to actionable data and flexibility to adjust their alert notifications.

“Blumira excelled for us at this point, once we replaced Blackpoint Cyber. We started getting notifications and could at least tweak the noise and interpret the data to determine if it was important or not.”

With broad cloud coverage and advanced detection and response, Connect Cause leveraged Blumira’s native integrations to gain greater visibility and insight into their customer environments.

“I love Blumira’s XDR capabilities; that was a huge draw. It’s great that we can integrate different cloud platforms and other third-parties into your service, connecting Microsoft 365 and Google Workspace directly to your cloud environments,” Cervasio said. “Blumira’s strength is in the ability to perform cross-platform analysis, allowing us to see alerts from different platforms aggregated into one.”

Connect Cause started getting valuable alerts that they never saw with Blackpoint Cyber that revealed weak points in their customers’ security practices and helped increase their overall revenue.

“With Blumira, we got alerts on a customer with plaintext password documents in their environment that Blackpoint Cyber never alerted us to. This led to us upselling a customer on a password management service,” Cervasio said.

Blumira’s Security Model Helps Increase MSP Cybersecurity Revenue

Blumira’s easy-to-use platform user interface and MSP-friendly portal, pricing model and billing gave Connect Cause the support they needed for their customers.

“Blackpoint Cyber’s interface is not the easiest to use. Blumira’s interface is definitely more intuitive,” Cervasio said. “It was also challenging to work with Blackpoint when it came to supporting our MSP model, as we’re unique in terms of how we sell our products and services to our customers; and the way our contracts work with them and billing.”

As an MSP, Connect Cause is able to use Blumira to establish insight into a customer’s security posture and identify potential opportunities to harden their environment.

“Blumira has helped us prove competency and show we know what we’re talking about in a way that builds trust,” Cervasio said. “After the initial sale of monitoring to our customers, it opens the floor to us saying, here’s the next step: whether that’s using a password manager, pen-testing, or conducting a gap analysis.”

Connect Cause benefits from packaging Blumira with their cybersecurity bundle and significantly growing their revenue.

“We went from one customer with Blackpoint Cyber to having multiple customers with Blumira. Since partnering with Blumira, we’ve been able to substantially grow our unified cybersecurity and information security business division. It is now a significant part of our business growth strategy and overall revenue,” Cervasio said.

From a security perspective, Connect Cause was able to benefit from the additional, holistic context that Blumira provides by collecting, analyzing and identifying incidents across many different data sources, not just endpoints.

“A lot of MDRs are agent-only, and don’t provide a network component; using only an agent to build context around incidents,” Cervasio said. “Since I can integrate Blumira directly with firewalls, I was getting alerted to a hacker from Moldova who was conducting password-spraying attacks on a customer’s firewall. I was able to find the IP address and block the attacks completely.”

Are you an MSP? Check out our MSP Program with NFR licensing for partners.