How FMHC Reduced Alert Fatigue and Achieved Compliance with MXDR

Industry

Financial Services

Challenge

First Mutual Holding Company struggled with “alert blindness,” lacking the ability to effectively analyze and correlate security logs across its financial network. With a lean IT team and no 24/7 monitoring, potential threats could go undetected, putting compliance and security at risk. Managing cybersecurity alongside daily IT operations became an overwhelming challenge.

Results

With Gradient Cyber’s MXDR, FMHC gained 24/7 monitoring, real-time threat detection, and the ability to correlate security events across their entire network. Alert blindness was eliminated, allowing their team to quickly identify risks and take action before they became serious threats. Compliance reporting also became easier, giving FMHC confidence in meeting OCC and FDIC requirements.

Key Product

Managed XDR

www.firstmutualholding.com

Years As a loyal customer

Banks Protected With MXDR

24/7

Monitoring and Response Coverage

"Gradient Cyber wasn’t just another security tool—it became our eyes and ears, giving us the visibility we needed to catch threats we wouldn’t have seen otherwise."

Jon Densmore

Chief Information Security Officer @ First Mutual Holding Co.

About First Mutual Holding Co.

Formed in 2015, FMHC is a member-owned holding company that provides the support and resources mutual banks need to thrive. FMHC believes mutual banks are critical to the long-term success of the communities they serve and proudly offer those that choose to work with them a comprehensive range of services and benefits.

The Challenge

FMHC faced the same cybersecurity hurdles that many mid-market organizations encounter: alert “blindness," as well as a lack of experience and bandwidth to effectively analyze and correlate logs across systems. Without the resources for 24/7 monitoring, potential threats could slip through unnoticed. Adding to the challenge, strict OCC and FDIC regulations demanded robust compliance measures. Limited resources left FMHC stretched thin, making it hard to manage daily IT operations while maintaining strong security.

The Solution

For seven years and running, Gradient Cyber MXDR has been a cornerstone of FMHC’s cybersecurity strategy, monitoring and leveraging their existing IT and security infrastructure – including Active Directory, Sophos firewalls, Sophos endpoint detection and response, and Cisco routers.

By centralizing and analyzing logs, Gradient Cyber delivered clear visibility into network activity, while 24/7 threat monitoring enhanced FMHC’s ability to respond to priority alerts in a timely manner. Gradient Cyber’s actionable situational reports (SitReps) have become a key component of FMHC’s weekly and monthly security updates, enabling them to stay ahead of threats and focus on core operations.

Gradient Cyber’s MXDR SitReps - which include alert contextualization across systems that would require a lot of time-consuming examination for relevance on our part, let alone expertise - just makes threat response so much easier for us. Combine that with around-the-clock monitoring, and it makes obvious financial sense for us to just outsource this effort to a trusted service provider.

The Results

With Gradient Cyber’s MXDR, FMHC was able to:

Proactively identify and analyze anomalies, providing the insights needed to prevent potential breaches
Achieve regulatory compliance with extended log retention and advanced reporting to satisfy regulatory audit requirements
Leverage 24/7 monitoring without the need to hire additional staff or invest in expensive tools
Reduce “alert blindness” and allow the IT team to focus on business initiatives and operational efficiency

The Long-Term Value

FMHC relies on Gradient Cyber to meet its security and regulatory needs with confidence.

By incorporating their SitRep insights into weekly and quarterly reports, FMHC keeps stakeholders informed and ensures transparency. Gradient Cyber MXDR allows our IT and security affiliate support team to focus on the core business needs of banking operations