June 27, 2024

How Cognisys beats growth goals with Vanta

Written by

Vanta

Reviewed by

Accelerating security solutions for small businesses
‍

Tagore offers strategic services to small businesses.

A partnership that can scale
‍

Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate.

Standing out from competitors
‍

Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.

Advanced security services for scaling businesses
‍

Cognisys provides cybersecurity support and managed compliance services to accelerating businesses.

An exclusive partnership built on deep relationships
‍

Cognisys sought a partnership with dedicated support and industry expertise to address the growing technical skills shortage.

Driving partner growth and client impact to new heights
‍

By partnering with Vanta, Cognisys is able to exceed business goals and break into new industries while surpassing client expectations.

‍

The company

Smarter cybersecurity for growing businesses

Established in 2019 and headquartered in Leeds, United Kingdom, Cognisys is a Managed Security Service Provider (MSSP) dedicated to enhancing its clients’ cybersecurity. Specializing in cybersecurity and GRC operations, Cognisys offers comprehensive managed support, including penetration testing, security testing, and compliance as a service.

‍

Cognisys develops and maintains security programs for clients at every stage of their security journey. With Cognisys, clients can concentrate on expanding their operations and driving new growth, confident that their security posture is in expert hands. Cognisys adopts a proactive approach to security, offering offensive capabilities such as infrastructure and wireless network penetration testing, social engineering, red teaming, vulnerability scanning, and more.

‍

‍

The challenge

Confronting the technical skills talent shortage

Steve Spence, CEO, founded Cognisys to provide companies with offensive security measures, focusing on penetration testing and vulnerability management as core services. To scale Cognisys and expand its service offerings, he turned to Steve Byrom, COO, to drive growth by entering the GRC space, which he viewed as a natural complement to Cognisys’ existing practice. During his search to build Cognisys' GRC offering, Steve B discovered Vanta. "Cognisys’ practice comes from a security perspective and Vanta comes from a GRC perspective. The security and compliance space has been stuck in the dark ages and Vanta saw that," says Steve B.

‍

As a service-based business, Cognisys prioritizes hands-on client work. When Steve B began exploring potential partner solutions, he understood the importance of finding a partner capable of tackling a significant industry-wide challenge—the growing talent shortage of technical security professionals. With a shrinking talent pool, Steve B needed a solution to address this issue head-on, scale his small but capable team, and broaden opportunities for less technical hires.

Faced with the challenge of expanding Cognisys’ core services while addressing escalating industry challenges, Steve B began his search for a long-term partner.

‍

The solution

An exclusive partnership built for long-term results

To address the challenge of the talent shortage and expand Cognisys' offerings, Steve B recognized the need for an automated compliance solution. During his evaluation of potential platforms, Steve B prioritized partner support and scalability. “We joined Vanta because of our [Vanta] Channel Manager,” Steve B noted. He also sought a market leader capable of scaling with his business and unlocking new growth opportunities. Key motivating factors for Steve B included access to Vanta’s partner support ecosystem, co-marketing opportunities, GTM enablement, invitations to Vanta-sponsored events, and access to beta programs.

‍

In addition to addressing the growing talent shortage, Steve B also needed a platform that could enhance his existing team's efficiency. "[Without Vanta] our team would look very different. We wouldn’t have the amount of work we have now because it’s expensive, and you need skilled people. So I would have fewer people that I would pay 4x the wage to, and to justify those wages, I would need a different caliber of work. I would need to focus on larger enterprise contracts," says Steve B. Partnering with Vanta enables Steve B to deploy Cognisys' resources more efficiently and focus on expanding his team with talented staff to solve complex client problems—all while leveraging Vanta's advanced solutions, powered by deep automation and integrations, to provide GRC expertise.

‍

After vetting multiple options, Steve B chose Vanta, “The reality is, we would have been daft not to have grabbed on to Vanta. We realized its potential early on and went all in. We saw where it was going [and decided] Vanta was the only option,” says Steve B. Even in a competitive market, Steve B has continuously chosen to partner solely with Vanta, demonstrating the mutual value that the partnership has created. “We want to see our customers succeed. We’re in it for the long run.”

‍

The impact

Outsized impact for Cognisys and customers alike

Since choosing Vanta as Cognisys’ sole automated compliance solution, the company has seen significant improvements across key business metrics. In particular, partnering with Vanta has enabled Cognisys to exceed their goals. “We’re ahead of our quarterly goal, which is a big surprise. And a part of that comes down to the Vanta relationship, which is really cool. It’s the catalyst for the growth we're seeing,” says Steve B. Steve B also attributes part of this growth acceleration to Vanta’s support in helping Cognisys break into new industries. “Vanta has helped us break into a whole new segment of clients. We’re now more focused on founder-led businesses.” Overall, Steve B cites Vanta as the reason why Cognisys’ GRC practice is outpacing goals by over 30%.

‍

Beyond the impact on Cognisys, the partnership with Vanta has also led to significant customer benefits. “Our customers need to get secure quickly and effectively, and they need to make Vanta work for them. And we plug that gap for them,” says Steve B. He also sees the impact of the relationship extending beyond immediate outcomes. “We’re looking at building long-term relationships and being a customer’s one-stop-shop. If they don’t need our services now, they will at some point—whether it’s an internal audit, a pen test, or security scans. So it’s very much a big picture for us.”

‍

By prioritizing customer success, Cognisys has achieved less than 1% churn among joint customers, underscoring the immense value of the partnership. Success stories from clients like Quix and Kara Connect further illustrate how the collaboration between Vanta and Cognisys helps clients reach their goals faster, with both customers having achieved ISO 27001 certification on or ahead of schedule. Moreover, Steve B believes that the relationship between Cognisys and Vanta is supporting client success at scale, with over 100 shared clients having passed audits to date.

‍

Reflecting on the last 13 months as a Vanta partner, Cognisys is now focused on their ambitious future goals, "Last October we said we want to be the largest partner in Europe. And now we are. Now we want to be the biggest Vanta partner in the world. We don't partner with anybody else. We've gone all in on Vanta," says Steve S.

Access Review Stage	Content / Functionality
Across all stages	Easily create and save a new access review at a point in time View detailed audit evidence of historical access reviews
Setup access review procedures	Define a global access review procedure that stakeholders can follow, ensuring consistency and mitigation of human error in reviews Set your access review frequency (monthly, quarterly, etc.) and working period/deadlines
Consolidate account access data from systems	Integrate systems using dozens of pre-built integrations, or “connectors”. System account and HRIS data is pulled into Vanta. Upcoming integrations include Zoom and Intercom (account access), and Personio (HRIS) Upload access files from non-integrated systems View and select systems in-scope for the review
Review, approve, and deny user access	Select the appropriate systems reviewer and due date Get automatic notifications and reminders to systems reviewer of deadlines Automatic flagging of “risky” employee accounts that have been terminated or switched departments Intuitive interface to see all accounts with access, account accept/deny buttons, and notes section Track progress of individual systems access reviews and see accounts that need to be removed or have access modified Bulk sort, filter, and alter accounts based on account roles and employee title
Assign remediation tasks to system owners	Built-in remediation workflow for reviewers to request access changes and for admin to view and manage requests Optional task tracker integration to create tickets for any access changes and provide visibility to the status of tickets and remediation
Verify changes to access	Focused view of accounts flagged for access changes for easy tracking and management Automated evidence of remediation completion displayed for integrated systems Manual evidence of remediation can be uploaded for non-integrated systems
Report and re-evaluate results	Auditor can log into Vanta to see history of all completed access reviews Internals can see status of reviews in progress and also historical review detail