KINUM, INC.
New Regulations Necessitated a New Approach to Cybersecurity
When a leading collection agency needed to prepare for changing requirements, it knew the best offense was a good defense.
The Challenge and Opportunity
Due to changing federal regulations, Kinum, Inc., a leading debt collection agency, was reclassified as a financial institution. With the new designation came new requirements tied to the Gramm-Leach-Bliley Act, but the company knew it couldn’t tackle these changes alone. So, it found a trusted partner in TPx that could help it develop and implement the right approach.
Quick Facts
Kinum, Inc. is a debt collection agency in Indianapolis, Indiana, & Virginia Beach, Virginia.
Kinum works with companies in a wide array of industries, all with one goal: to help the business get the money it is owed and needs to thrive.
The Solution
With TPx as its partner, Kinum successfully implemented a comprehensive approach to ensure it takes a defensible position against changing federal regulations.
The Benefits
Working with TPx, the Kinum team ensured defensibility while spending less time in-house on compliance, knowing expert resources are just a phone call away when needed.
The Results
The new approach helped increase Kinum’s defensibility while ensuring it has the infrastructure to respond to an audit and any related requests.
About Kinum
Kinum, Inc., formerly Fidelis Asset Management, was founded in 2008 to offer a low-cost solution for small- to medium-sized businesses to manage and outsource their slow and non-paying customers. After years of working in the industry and learning how to (and how not to) build a great collections team, Kinum’s Founders departed from the large conglomerates to build the industry leader.
“Having a partner that was there every step of the way put all of us at ease. It hasn’t taken up a wild amount of my time to implement. I didn’t have to come to a screeching halt on other things we’re doing, so we didn’t lose momentum on our other important initiatives.”
Nicolai Cockrill, Director of Technology at Kinum
The Challenge
Recently mandated to comply with the FTC Safeguards Rule under GLBA, Kinum, Inc., a debt collection company, faced the challenge of adapting to its new classification as a financial institution. Non-compliance posed risks of fines and reputational damage, necessitating a pivot towards defensibility.
Unfortunately, like many newly determined financial institutions, Kinum didn’t have the infrastructure in place to readily meet these new regulations. “Looking at becoming defensively compliant without a partner was something we did not have in the cards,” said Nicolai Cockrill, Kinum’s Director of Technology. He knew there needed to be a strategic shift.
The Opportunity
Navigating these challenges proved particularly daunting for Kinum, given its small in-house cybersecurity team. Kinum stakeholders knew developing and implementing a full compliance plan would be very time-consuming without assistance.
Budgetary constraints added another layer of complexity, a common hurdle for smaller companies like Kinum when considering external compliance or legal resources. Despite these limitations, Kinum stakeholders understood the importance of investing in defensibility, recognizing its potential for long-term cost savings. They recognized that the financial repercussions of noncompliance with regulations could be equally damaging to a business as falling victim to a cyberattack.
Recognizing the importance of compliance, Kinum sought a cost-effective solution to ensure defensibility against potential penalties.
The Solution
Amidst the regulatory complexities, TPx emerged as the ideal partner for Kinum. Leveraging its Vulnerability and Penetration Scanning offerings, TPx provided a comprehensive cybersecurity solution tailored to Kinum’s needs.
The services offered by TPx presented an affordable avenue for Kinum to establish and maintain a cybersecurity program aligned with the updated regulatory requirements.
Kinum stakeholders opted for TPx penetration scans, a crucial tool for identifying vulnerabilities in IT architecture. The scans provided defensibility, ensuring that Kinum’s commitment to compliance was tangible and sustainable over time. Regular scans not only helped maintain compliance but also contributed to obtaining cyber insurance, a vital aspect in today’s cybersecurity landscape.
The Results
The success metrics for Kinum revolve around the ease of implementing a security program without overwhelming its small team. TPx’s strategic plan with scheduled deliverables facilitated a step-by-step approach to increase defensibility. The 12-month timeframe allowed Kinum to make steady progress without disrupting daily operations.
TPx’s tailored solutions helped enable Kinum to navigate the complexities of the Safeguards Rule efficiently. Cockrill emphasized the significance of being audit-ready, highlighting the immeasurable value of having all the necessary information at hand. Cockrill says, “We really want to comply with the regulations. It’s clear: if you’re audited, you better be ready to go.”
TPx has not only empowered Kinum to navigate the complexities of regulatory requirements but has also set them on a trajectory toward sustained success in the ever-evolving regulatory landscape.
In the face of regulatory challenges and the imperative to fortify its cybersecurity posture, Kinum found a reliable partner in TPx. As the compliance journey unfolds, Kinum stands equipped to not only meet the regulatory demands but also fortify its cybersecurity defenses against emerging threats in the debt collection landscape.
Additional Resources
9 Biggest Threats to Data Security in 2024 and How to Fight Them
Cybercriminals constantly evolve tactics to find new ways to exploit vulnerabilities, increasing their attack sophistication and frequency. This article will discuss the top nine threats to data security in 2024 and how to fight against them.
Building an Effective Cybersecurity Strategy
Navigate the complexities of cybersecurity planning and bolster your business's resilience with our expert tips on constructing an effective cybersecurity strategy for long-term protection.