Click here for a message from our Chief Executive Officer regarding DefenseStorm’s efforts to maintain safety and soundness for our customers during the COVID-19 pandemic.


New partner has it all – from visibility and compliance to reporting and service

When Red Rocks Credit Union hired a new cybersecurity and cyber-compliance provider in December 2017, the difference between the old vendor and new partner was as distinct as night and day. Security-wise, the Highlands Ranch, Colo.-based credit union had been left in the dark by its former cybersecurity provider.

“We had no visibility, no reporting, no access to dashboards and no direct alerts to anything going on in our environment,” said Matthew Clements, vice president of technology and analytics at Red Rocks Credit Union. “When I asked the manager of the security operations center what they were monitoring, he couldn’t tell me. They hit the absolute bare minimum.”

So, months before the contract with the former vendor expired, Clements began looking for a new cybersecurity provider. Must-haves in this new provider included agility, continual improvement of their cybersecurity solution, readiness to help and scalability.

“We wanted more than a vendor,” Clements said. “We were looking for a trusted partner who was passionate about taking care of the needs of our organization, and DefenseStorm was the only prospect to demonstrate that level of care.”

Understanding credit unions’ regulatory compliance needs

Of the companies Red Rocks Credit Union evaluated, DefenseStorm was the only provider with a thorough understanding of the ins and outs of financial institutions’ regulatory compliance requirements.

“When I asked every other provider how their solution tied into the GLBA (Gramm-Leach-Billey Act) and NIST (National Institute of Standards and Technology) controls that we must adhere to, I heard crickets,” Clements said. “They didn’t know how to leverage their tools to align with the compliance needs of a financial institution.”

Clements added that DefenseStorm’s integration of the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT) provides the ability to efficiently and effortlessly create reports mandated by state and federal examiners.

“If you are a financial institution looking for a provider, you absolutely need to check out DefenseStorm,” Clements said. “This is the one entity that executes exceptionally well in this space.”

DefenseStorm, a fixed-price, co-managed solution, provides cybersecurity and cyber-compliance solely for regional- and community-sized banks and credit unions. It’s TRAC™ (Threat Ready Active Compliance) Team, available 24/7, uses machine learning and rich content to curate threats and triggers only what is most relevant to Red Rocks Credit Union.

“A big benefit of the solution is that DefenseStorm set up monitoring on our behalf, giving us complete visibility,” Clements said. “And since it’s co-managed, my team can jump in and do as much monitoring and alerting as they want. It’s very powerful.”

Regular interaction with DefenseStorm bolsters confidence

The TRAC team actively collaborates with Red Rocks Credit Union’s team to monitor and manage its security and compliance posture. In fact, an information security specialist on Clements’ team has bi-monthly meetings with DefenseStorm personnel, which enables ongoing interaction, onboarding additional functionality and learning ways to leverage the tool’s many features.

And when Red Rocks Credit Union has inquired about custom integrations, DefenseStorm has accommodated. “We’ve thrown out some ideas of how we could leverage the tool, potentially inside and outside of what a SIEM (Security Incident and Event Management) solution would typically do, and they’re open to it – to going out of their way to make sure they’re meeting all our needs.”

Furthermore, DefenseStorm senior leaders including Chief Customer Officer DJ Landreneau and Vice President of Customer Solutions Alex Hernandez came on site to roll up their sleeves and work alongside the Red Rocks team during onboarding. Plus, Masako Long, senior sales executive for DefenseStorm, checks in regularly to make sure the credit union’s cybersecurity and cyber-compliance needs are being met.

The service Red Rocks Credit Union receives from DefenseStorm is light years ahead of what its previous vendor provided – from cost to visibility to reporting to direct alerts.

“DefenseStorm has gone above and beyond what we wanted in a solutions provider,” Clements said. “I continue to be impressed with them bending over backwards to make sure they’re doing everything they can for us. They promise – and they deliver.”

Download the case study
Red Rocks Credit Union

Red Rocks Credit Union (RRCU) believes in inspiring its members to embrace living with intention. RRCU was originally chartered in 1979 and opened its doors officially on Valentine’s Day in 1980. Today, that same principle of serving a small, local community through a concern for one another continues to drive the credit union’s mission – to encourage, enable and underwrite the hopes, dreams and aspirations of its members to have maximum impact.