Driven by Visibility: How NZAA Consolidated Security and Built Confidence with Rapid7 MDR

The New Zealand Automobile Association (NZAA) has been a household name for over 120 years. As one of the country’s largest membership organisations, it offers more than just roadside assistance, its services span vehicle servicing, insurance, financial products, and road safety advocacy.

As NZAA expanded its digital capabilities, the pressure to modernise its security program grew. Leading that transformation is Damon Cowley, Head of Digital Trust and Governance. With a focus on safeguarding member data and building resilience across the business, Damon brings a pragmatic, strategic approach to security operations.

Too many tools, too little visibility

Before working with Rapid7, NZAA’s cybersecurity tools were fragmented and disjointed. The team relied on a patchwork of MSP-managed tools that didn’t speak to each other, creating blind spots and operational bottlenecks.

“We had a number of small products that were disconnected from each other,” Damon explained. “A few of those were managed services, but they weren’t able to connect to give us a single view of our environment.”

This fractured approach not only limited visibility but also made it difficult to respond to threats in a timely manner. Teams had to jump between platforms to understand what was happening. With limited in-house resources and a growing digital estate, NZAA needed a smarter, more scalable solution.

Why Rapid7? Global xoverage and transparent collaboration

NZAA launched a search for a Managed Detection and Response (MDR) service—looking for a partner who could provide 24/7 support, centralized visibility, and predictable data usage. Damon was particularly focused on transparency and scalability.

“The key requirements we looked at were the ability to centralize our logs, the ability to have transparency between us and the service provider, and unlimited ingestion,” he said. “Other providers offer an ingestion-based cost model, which is difficult. Rapid7’s unlimited ingestion has enabled us to bring everything together and then tune what’s important to us.”

Rapid7’s MDR stood out for its global SOC coverage, maturing platform, and collaborative mindset.

MDR in action: faster response, lower risk

Through its AI-powered SIEM technology, Rapid7 MDR delivers expert monitoring of NZAA’s native and third party telemetry, integrated threat intelligence capabilities to target their most relevant risks, and unlimited incident response for peace of mind in the event of a breach.\. For NZAA, it provided an immediate boost in security maturity, even before full implementation was complete.

“Early on in the evaluation process, we were able to identify a large volume of login failure attacks against our environment,” Damon said. “By doing that, we were able to take some actions proactively before fully onboarding.”

The move consolidated NZAA’s previous disparate tooling and connected proactive exposure risk management with reactive detection and response capabilities, shifting Damon’s team holistically  into a confident, resilient security posture backed by experts who know the environment and are available at any time.

Measurable maturity and board-level confidence

One of Damon’s key priorities was being able to demonstrate security progress to the executive team. Through Rapid7’s service, there are two key ways Damon consumes and arms himself with meaningful metrics that empower him to clearly communicate the state of NZAA’s cybersecurity posture.

The first is NZAA’s dedicated Cybersecurity Advisor (CA). The CA is a consistent resource available to Damon and his team, delivering reviews of activity in their environment, guidance on emergent threats and trends informed by Rapid7’s research and threat intelligence teams, and providing expert perspectives to help drive NZAA’s broader security objectives.

The Detection and Response Dashboard is also a favored resource for the team. Available directly within Rapid7’s Command Platform, it provides an executive-ready snapshot of activity and outcomes within NZAA’s environment, including the ‘Threat Pipeline’ – showing the quantity of alerts that have become investigations or incidents – but also highly tailored insights on attack surface coverage, alerts mapped by MITRE tactics, and more.

“My cyber operations team works very closely with the dashboards within the tool. I rely more on the monthly summary reports. That helps me roll up metrics and give a really good sense to our executive and board.”

From fragmented tools to an integrated future

Today, NZAA’s team has consolidated several tools and built a more cohesive program around vulnerability management and threat detection. Damon sees the MDR service as a key enabler of long-term transformation.

Even as the security team begins exploring automation features within the platform, they’re doing so at their own pace, backed by a partner that understands NZAA’s unique environment and provides guidance and support when it matters.

“We have an excellent relationship with the Rapid7 team,” Damon said. “The technology and services wrapped around it have enabled us to quickly respond and manage our cyber posture.”

Rapid7 is there for that.