Case Study

Global Atlantic Financial Group Shifts Left by Integrating Security into the Development Process


By leveraging Prisma Cloud by Palo Alto Networks, Global Atlantic Financial Group, a leading U.S. retirement and life insurance company, has consolidated the visibility of multicloud infrastructure into a single pane of glass while establishing security into the application development cycle.


In brief

Customer

Global Atlantic Financial Group

Featured Product and Services

Prisma Cloud

Industry

Retirement and Life Insurance

Organization Size

1,600+

Country

Global HQ USA


Challenges

Global Atlantic lacked visibility and governance in their multicloud environment. That made the primary challenge clear: consolidate into a single pane of glass while also applying the appropriate role-based policies. The secondary challenge was to migrate legacy infrastructure and on-premises applications into the company’s 2.0 environment. And the third challenge was to minimize potential downtime and reduce the potential for security gaps in infrastructure as code misconfiguration issues.

Requirements
    • Centralized visibility and security management of multicloud environments
    • Automated identification and remediation of security vulnerabilities and misconfigurations
    • Preventative security practices implemented earlier in the application development cycle
Solution

Global Atlantic selected Prisma Cloud by Palo Alto Networks to centralize cloud visibility and security management in their cloud environment, including:

  • Out-of-the-box checks for regulatory compliance
  • Comprehensive overview of all cloud assets with prioritized risks
  • Preventative measures in both infrastructure as code and application development lifecycle minimizing potential downtime to seconds from days.

Download PDF Share

Global Atlantic Financial Group selected Prisma Cloud to centralize visibility and governance in their diverse multicloud environment. They tasked Prisma Cloud with migrating legacy infrastructure and on-premises applications into the company’s 2.0 environment. By taking on this challenge, Prisma Cloud enabled the security team to work more closely with the development and operations teams to integrate security into the application development and deployment cycle.


CHALLENGE

With the cloud comes new security challenges. Far too often it’s difficult to stay ahead of cyberthreats.

Global Atlantic, a leader in U.S. retirement and life insurance, is committed to delivering high-quality and secure services to meet the evolving financial needs of their clients. To accomplish this, the company transitioned their applications to the cloud and in doing so, has adopted a multicloud approach with AWS, Oracle, and Azure to meet their customers needs.

By migrating the existing infrastructure into this diverse multicloud environment, new security challenges needed to be identified and tackled, requiring the use of a modern cloud-native solution.

Prior to implementing Prisma Cloud, “There was a lack of visibility as well as governance in our cloud environment,” says Cole Horsman, AVP Cloud Security, Global Atlantic Financial Group. “There were a lot of developers who had full access to AWS in our cloud environment and they were largely in charge of owning the cloud environment.”

Cole also states, “Our challenge was to take our legacy environment, migrate it over to our 2.0 environment, and while doing that, we also needed to migrate our on-premises applications.”

Chris Bogaards, AVP of Information Security, Global Atlantic Financial Group, adds, “We had no insight into what developers were doing or what was being developed. Nor did we know what utilities were being used or what systems, applications, or languages they were written in. There were no guardrails in place.”

“Before Prisma Cloud, our environment was open to risk and vulnerable to malicious acts.” Bogaards continues, “The last thing any of us wanted was to see our name in a headline for being breached.”

“As we started evolving and looking into moving into the cloud space with AWS, we knew right away that we needed a solution to help integrate our enterprise security program with our cloud security program,” Bogaards affirms.


quote

The threat landscape today is evolving so rapidly that without Prisma Cloud, our team could not manually stay on top of all the latest information being released, the current vulnerabilities, or threats.

— Chris Bogaards, AVP of IT Information Security,
Global Atlantic Financial Group

quote

Prisma Cloud lets us know what we need to focus on.

— Cole Horsman, AVP Cloud Security,
Global Atlantic Financial Group

Already a satisfied Palo Alto Networks firewall customer, Global Atlantic knew they needed a modern solution to integrate their enterprise security program with their cloud security program. After evaluating potential solutions, it did not take long for them to select Prisma Cloud.

Prior to Prisma Cloud, development and security teams worked in silos. With Prisma Cloud in place; the single pane of glass visibility, governance and compliance installed, the Global Atlantic teams had a secure path to their cloud environment that brought them together.

In the beginning, Cole states, “We found that there were issues clearly not malicious but unintentional.” The primary goals of the security teams were to build tools and solutions to secure the environment while the developers focused on speed to market, agility, and getting the application deployed. In the end though, Cole continues, “Despite the different mindsets and the different objectives, the underlying goal was always the same and that was to build a better product.”

Prisma Cloud provided the necessary solutions and the results followed. By consolidating their entire cloud footprint into a single view and enabling built-in governance policies, Global Atlantic was now able to stay ahead of the threats and risks that come along with deploying applications in the cloud.

It also became apparent that by adopting a shift-left approach the impact of deploying vulnerable applications minimized the cybersecurity threats.

The continued partnership with Palo Alto Networks has been a tremendous experience for Global Atlantic, especially as they continue to expand into the cloud space and grow.


quote

Before Prisma Cloud, there were definitely walls that needed to be broken down for both development and security teams to collaborate and gain mutual trust... then we saw tangible evidence that Prisma Cloud was providing the solutions we needed…I think it was at that moment when we all realized that we had a common goal to build a better product.

— Cole Horsman, AVP Cloud Security,
Global Atlantic Financial Group

quote

The security teams benefited the most because of visibility, as they were now able to see across all our cloud environments.

— Cole Horsman, AVP Cloud Security,
Global Atlantic Financial Group

Enhanced Security and Compliance with Reduced Complexity

With Prisma Cloud’s centralized visibility and control, Global Atlantic effectively identified dangerous security threats and misconfigurations and remediated them before they impacted the business.

Streamlined Reporting and Remediation Through Automation

The ability to automatically generate reports for developers, application owners, executive-level management, and auditors—within hours instead of days or weeks—enables time-crunched teams to identify and eliminate risks much more quickly.

With consolidated visibility of cloud environments and prioritized risk, the proper teams are immediately alerted to threats, misconfigurations, and vulnerabilities, as well as resources that fall out of compliance. And by leveraging the automation functions within Prisma Cloud, teams can schedule remediation based on the company’s internal controls—which increases operational efficiency—and saves time.

Improved Code Security with a Shift-Left Approach

Catching security threats and vulnerabilities prior to deploying an application into the cloud has become a critical component in the development lifecycle. By embedding security early in the development process, Prisma Cloud greatly reduces the risk of deploying vulnerable code and applications. By shifting left, security teams can identify potential vulnerabilities and misconfigurations based on policies and remediate issues before they reach production.


quote

Prisma Cloud empowers our organization to seamlessly scale with the vast, on-demand scalability of AWS, and to manage crucial components like WAF firewalls while equipping us with an array of cloud-native capabilities to maintain a formidable cybersecurity posture.

— Chris Bogaards, AVP of IT Information Security,
Global Atlantic Financial Group

CONCLUSION

Global Atlantic, a satisfied user of the Palo Alto Networks Next-Generation Firewalls, sought a modern solution to connect their enterprise security with cloud security. They chose Prisma Cloud after evaluating options. Prisma Cloud automated and simplified code-to-cloud security, uniting development and security teams by offering clear visibility, compliance, and governance across multicloud assets. Initially, risks complicated difficult organizational dynamics, but teams shared the goal of building better, more secure products for their clients. Prisma Cloud consolidated their cloud view, enforced governance, and prioritized risks. Integrating security early in development reduced cybersecurity threats. The ongoing partnership with Palo Alto Networks aided Global Atlantic’s expansion into the cloud.