Based in Tampa, Florida, United States, Primo Water – through a family of brands – delivers high-quality water to consumers and corporations all over North America. The company’s water solutions aim to expand consumer access to purified, spring, and mineral water to promote a healthier, more sustainable lifestyle while also reducing plastic waste and pollution.

Primo Water’s history dates back to the 1920s, but today it’s a company focused solely on getting high-quality water into the hands of its customers. And that won’t be possible if there isn’t an information-security program in place to thwart attackers seeking to stop the flow and line their own pockets.

Andrew Cannata, Primo Water’s Global Chief Information Security Officer (CISO), was tasked with building a security program from the ground up to ensure Primo Water was prepared against potential cyberattackers looking to target the company.

InsightVM: Broad coverage against vulnerabilities – 95%-98% Primo Water network deployment

“Everything we did was new”

As Andrew and his team tirelessly worked to put new defenses into place that could protect cyber infrastructure at a company almost constantly engaged in the mergers and acquisitions (M&A) process, he also realized they would quickly outgrow the capacity of the boutique security-services provider he had engaged early in his tenure at Primo Water.

Andrew’s team must move fast by design. So, given the company’s rapid growth, they needed a partner that could respond just as quickly to his organization’s unique visibility needs.

“We didn’t have an exposure management or a vulnerability management solution in place. So the beauty of bringing these Rapid7 tools into our organization, it allows us to truly understand what the risk is. Being a manufacturing entity like we are, we take great pride in sweating our asset lines for years and years, and now I know what is at risk and what is our exposure.”

-Andrew Cannata, Global Chief Information Security Officer at Primo Water

With InsightVM helping to enable such a broad deployment, Andrew’s security operations team was able to go live almost immediately. This required the full attention of an all-hands-on-deck approach of the Rapid7 support team, and in the end the security team at Primo Water had an extremely positive experience because of one key aspect Andrew stressed:

“When I came to Primo Water, I made it very clear that I did not want to work with “vendors.” I systematically fired every vendor our organization was working with and wanted to work only with partners. I know that sounds hokey, but time and again Rapid7 demonstrated they wanted to be our partner.”

With that positive spirit in mind, Andrew and his team eventually were able to leverage Rapid7’s InsightVM and InsightAppSec to streamline and clarify nebulous alerts as well as the fatigue that came with them. His team needed the ability to implement controls, monitor those controls, and ultimately prevent misconfigurations that could result in exploitable vulnerabilities.

The ability to actually rest easier

After building an information security program from the ground up and ensuring they had real confidence in their Rapid7 partners – built over the long haul and after several litmus tests – Andrew’s team was ready to extend the partnership with Managed Detection and Response (MDR) services primarily due to the fact that Primo Water is going through an acquisition process not experienced by many enterprises, with approximately 120 transactions (acquisitions and divestitures) over five years.

M&A can take years when acquiring even one company or organization; the sheer number of entities added to Primo Water’s portfolio created an IT network that was in constant flux, adding and absorbing organizations from acquired companies and creating an untold number of vulnerabilities.

MDR services can almost immediately extend the capabilities of the company’s security operations center (SOC), helping to more quickly overcome issues that can arise during extensive M&A actions:

• Damage to brand and reputation
• Loss of revenue and other hidden costs
• Violations of laws and regulations, resulting in legal action
• Significant fines
• Loss of intellectual property
• Customer impact

“I know having Rapid7’s MDR solution in place, I sleep better knowing that I don’t have to worry about somebody kicking the door in without being aware. Every single day, we feel like we’re addressing the risks that are being exposed to our organization through our M&A activity.”

-Andrew Cannata, Global Chief Information Security Officer at Primo Water

And when Andrew’s team doesn’t require a managed service advisor’s assistance? With full access to InsightIDR – Rapid7’s next-gen SIEM and XDR technology at the center of MDR services – Andrew and team have the ability to dig into the details of an alert and ultimately determine if it’s something that needs escalation.

With so much growth happening at Primo Water, it’s imperative that the team have a continuously evolving understanding of exposures across their expanding attack surface. With Primo Water’s security team recently adopting Rapid7’s Surface Command, they now have a clearer understanding of their overall risk and can more quickly communicate that posture to the broader business.

Continuous improvement. Stronger partnership.

Onboarding a true partner takes time, and nothing is perfect right away. As Andrew’s responsibilities grow with new businesses constantly coming into the fold, he doesn’t have time to hold anything back when something needs to be addressed with his team’s Rapid7 partnership.

Because whether it’s ransomware or just bad guys looking to exploit a vulnerability, the pace of risk never slows down, so neither should a strong partner. As Andrew puts it:

“I am painfully honest, but that’s the way a partnership is supposed to be, right? If I have any feedback, I don’t hesitate to give it.”

Rapid7 is here for that.