Mitiga Strengthens SaaS and Cloud Incident Readiness and Response Strategy for Insurance Leader Lemonade

How did your team at Lemonade first hear about Mitiga?

In my case, numerous people had recommended Mitiga. Not all of them had tried Mitiga because Mitiga is relatively new, but the thing that they knew is, they knew of the founders. A lot of people know the people who work at Mitiga and they know the quality of people that Mitiga hires, which absolutely beats the quality of people that the large competitors can hire because they need to fill so many seats. They just can’t be as choosy.

‍What challenges does Lemonade anticipate that led you to choose Mitiga?

So, as we built out our security program, one of the areas that we had to focus on, we knew eventually was going to be incident response. We looked at the traditional firms, but something about them didn’t quite sit with me. 

Primarily, it was this idea that when you have an incident, you call them. And so, they would assign people to work with you to get into your systems. It never really seemed like an efficient approach. When something bad happens, then we’re going to start from zero, almost zero, maybe for one mile an hour, and we’ll try and get up to 60 miles an hour as fast as we can. 

But we’re a big company, and big companies move slowly. We don’t have a really good acceleration engine in our car. 

When I came across Mitiga, the approach immediately made sense. If something bad happens and you need to activate Mitiga, within an hour they already have people looking at logs for the last year or even more. The reason why many firms don’t do it, it probably is because they’re just not equipped to handle the load of data.

‍What sets Mitiga apart?

Given that Mitiga was formed recently, and given that everything nowadays with customers like ourselves is cloud based and we deal with AWS, GCP, and Azure, and we deal with all SaaS technologies, and given that Mitiga itself uses all of those technologies, it’s easy and obvious for them to work in our technologies as opposed to an old enterprise and to companies trying to backfill what they do or learn new technologies. 

‍What benefits have you seen since Lemonade and Mitiga started working together?

I’ve seen many benefits already. We have had a minor incident which turned out to be a false alarm and Mitiga was right there for us. But the real benefits we’ve gotten so far are a readiness assessment, a very thorough readiness assessment that Mitiga performed. 

They gave us a benchmark for how ready we are now and has allowed us to draw a roadmap. And when we do our readiness assessment a year after that first one, we’ll see how much we’ve improved. 

We’ve done two tabletop exercises, which have been fantastic. Both the DevOps team and the executive team really found them worthwhile. And of course, I did too. 

‍Has Mitiga been helpful during Lemonade’s recent acquisition?

We are in the process of acquiring a company so that company brought Mitiga in to do a compromise assessment. It was extremely thorough and it was very valuable for both the company to be acquired as well as us.