BUSINESS: A company of BB Seguros, a holding company that concentrates the insurance, pension, capitalization and dental plans businesses of Banco do Brasil, Brasilseg operates in the Life, Housing, Rural and Mass sectors (Residential, Business, Condominium and Machinery and Equipment) with products sold at BB branches and on its digital channels. It has its own Relationship and Business Center in Franca (SP) and currently occupies first place in the accumulated insurance ranking in the country.
SIZE: 2,100 employees
BUSINESS CHALLENGE: Revamp the web application development lifecycle of Cisco's Government Trust and Technology Services group to make it more agile, collaborative, policy compliant, efficient and secure.
SOLUTION: Qualys Web Application Scanning (WAS)
To safeguard sensitive data for thousands of insurance policyholders across Brazil, Brasilseg used Qualys VMDR with TruRisk™ to extend vulnerability scanning coverage across all its IT assets—enabling complete visibility and fast remediation of cyber threats.
Because Brasilseg's insurance products protect thousands of people across the country, information security is a top priority. João Passos, Chief Information Security Officer at Brasilseg, confirms: “My team has a broad remit to manage our security posture and protect the company against potential threats—including everything from cyber risk and security governance to identity and access management. Maintaining our effectiveness in these areas is crucial, as any breach could have a significant regulatory and reputational impact on the business.”
Operating in a highly regulated sector, Brasilseg must ensure its compliance with information security and data governance requirements from Superintendência de Seguros Privados (SUSEP), Brazil’s domestic regulator for private insurance companies.
Passos continues: “Recently, SUSEP issued Circular No. 638/2021, which sets out new and more stringent requirements for insurance companies like Brasilseg to mitigate cyber risks. To ensure our compliance, we set out to analyze our existing policies and capabilities and identify areas for improvement.”
The BUSINESS CHALLENGE:
To rapidly achieve compliance with the latest information security requirements from its industry regulator SUSEP, Brasilseg replaced its previous vulnerability management tool with Qualys VMDR. An all-inclusive risk-based vulnerability management solution, Qualys VMDR with TruRisk enables the company to automatically discover assets, scan for vulnerabilities and prioritize remediation work based on risk and business criticality.
Passos says: “I’d previously used Qualys for over eight years in a security role at another leading business in Brazil, so I already knew first-hand how effective the solution is. By deploying lightweight Qualys Cloud Agents across our environment, we’re able to gain real-time data on vulnerabilities across all our systems—from servers to workstations to laptops.”
Working together with its trusted local technology partner Logical IT, Brasilseg configured VMDR to scan its environment automatically at regular intervals. By combining the solution with the Qualys CyberSecurity Asset Management (CSAM)solution, the company can visualize its attack surface and take targeted action to help ensure vital remediation tasks are completed in a timely manner.
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings. For more information, please visit qualys.com. Qualys, Qualys VMDR® and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
“I feel like an ambassador for Qualys in Brazil, because whenever my peers talk to me about their vulnerability management challenges, I always recommend Qualys VMDR. It’s easy to deploy, user-friendly, and provides accurate, actionable information on vulnerabilities—wherever they are in your IT environment.”
Chief Information Security Officer, Brasilseg