Visa increases visibility into M&A security posture with advanced MDR from Expel

As a global leader in digital payments, Visa facilitates electronic transactions for consumers, businesses, and governments worldwide. The company’s commitment to cybersecurity is evident in its substantial investments: a dedicated security team of approximately 1,300 professionals and an arsenal of over 120 specialized security tools. Visa is dedicated to robust security practices, fostering customer trust and confidence in every transaction. For Visa, security is not merely about compliance or risk management, but a core value of the company’s operations and growth strategy.

Despite its robust security infrastructure, Visa faced significant challenges in its approach to mergers and acquisitions (M&A). The company’s growth strategy relies heavily on M&A activities to expand its payment ecosystem and penetrate new markets. “Our M&A strategy directly supports priorities and targets deals with a clear path to driving multi-year revenue growth,” says Ravi Soman, Vice President of Cybersecurity Governance Risk and Compliance, Visa.

But an M&A-driven growth strategy introduces complex security challenges. Each acquisition brings a unique set of security tools, practices, and varying degrees of security maturity. Rapid expansion creates a patchwork of disparate systems, security protocols, and compliance levels that must align with Visa’s stringent security criteria during the company’s 18-month integration period that follows acquisitions.

The challenge was multifaceted: Visa needed to maintain its high security standards across all operations while respecting the unique operational environments of its acquisitions while avoiding disruption to their business processes. “When we acquire an entity, most of them are a startup environment, so they’re very agile,” Soman explains. “This agility, while beneficial in many aspects, often contrasts with Visa’s more rigorous approach to security. Our task is to bring all of these diverse environments up to Visa’s rigorous security standards quickly and efficiently.”

Visa needed a partner that could help them bridge the gap between its mature security practices and the varied security landscapes of its acquisitions. The ideal partner needed to have a robust cybersecurity practice, enable rapid deployment, provide seamless integration with diverse security stacks, and allow Visa to gain immediate visibility and threat detection.

Visa tackled this security challenge head-on, launching a meticulous search for the perfect partner–a strategic ally capable of addressing immediate concerns while complementing Visa’s long-term security roadmap. This partner would be instrumental in navigating the complex security landscape of Visa’s ambitious M&A strategy.

Visa’s search for a security solution was as complex as their M&A strategy. The evaluation process to find a managed detection and response (MDR) provider involved a six-month proof-of-concept that tested potential solutions across various environments. This included major cloud platforms like Amazon Web Services (AWS)and Google Cloud, as well as a range of European and US-based systems, ensuring the chosen solution could perform effectively across Visa’s diverse technological landscape.

Throughout this extensive assessment, Expel consistently emerged as a frontrunner, distinguishing itself with its advanced capabilities, adaptability, and technology integrations.

“Our evaluation was comprehensive and rigorous,” says Ragesh Menon, Senior Director of Security Architecture, Visa. “We conducted red team exercises across multiple environments, comparing Expel against other leading vendors. The results clearly demonstrated Expel’s superior threat detection capabilities and its ability to provide actionable insights across our diverse technology landscape.”

Following this rigorous evaluation, Visa selected Expel as their preferred MDR partner. Expel’s combination of advanced technology, flexibility, and understanding of Visa’s unique security challenges set them apart in a competitive field.

“We were impressed by Expel’s seamless integration capabilities and its extensive range of supported technologies,” says Ravi Soman. “These factors were crucial in our decision-making process, as they directly address the complexities we face in our M&A activities.”

The primary value of Expel for M&A is its ability to provide immediate visibility into the security posture of newly acquired companies, offsetting risk more quickly. This rapid deployment capability was a key factor in Visa’s decision. “The onboarding itself took between two and seven days, which was a nearly 99% reduction over our previous process,” says Ragesh Menon. “We are all set up and receiving quality telemetry already.”

Expel’s tech-agnostic approach supports working with the security stack the acquired company has in place, eliminating the need for immediate standardization, and reducing the risk of security gaps during the acquisition process.

The platform’s agentless deployment simplifies onboarding and reduces conflicts with existing systems, a crucial factor in Visa’s complex technological landscape. Expel offers comprehensive cloud support for major providers like AWS and Google Cloud , enabling Visa to maintain visibility across its diverse cloud environments. Advanced telemetry aggregation provides a holistic view of the security landscape, allowing Visa to correlate data from multiple sources effectively.

Beyond providing visibility, Expel also proved its worth in day-to-day operations. The service efficiently handles initial alert triage, significantly reducing the workload on Visa’s security operations center (SOC) team. “Expel’s platform has significantly streamlined our security operations,” Menon explains. “Expel’s AI-driven triage system effectively prioritizes alerts, allowing our analysts to focus on the most critical issues. This has greatly improved our overall operational efficiency.”

The ability to customize its services to Visa’s exacting standards sets Expel apart in the competitive MDR landscape. This cooperative approach extends to ongoing initiatives, exemplified by joint efforts to enhance integration with Visa’s existing security infrastructure.

“Visa’s partnership with Expel is truly collaborative,” says Ravi Soman. “We’ve brought our teams together to co-develop solutions and tackle complex problems together, recognizing that the most effective security measures arise from combining our industry expertise with Expel’s technological innovations.”

The partnership between Visa and Expel allows Visa to maintain its high security standards while efficiently managing the complex M&A landscape.

Significant benefits include:

• Accelerates visibility of newly acquired companies, providing telemetry in days, not months
• Strengthens security coverage, providing transparency across diverse security environments, with comprehensive cloud support for major providers like AWS and Google Cloud
• Streamlines alert triage, enabling Visa’s security team to focus on more complex tasks and strategic initiatives
• Reduces risk during the transition for acquired companies into Visa’s security

Expel has helped Visa empower its security team to focus on more strategic initiatives, boosting overall efficiency. Expel MDR provides rapid insights into the security posture of new acquisitions, enabling more informed decisions around M&A strategies.

“We’re targeting a 10-15% increase in efficiency through AI and improved tooling,” says Soman. “It’s important to note that our partnership with Expel isn’t about reducing headcount. We’re aiming to free up our people to work on more strategic projects, enabling us to do more with our existing team.”

Visa has also realized cost savings by consolidating multiple point solutions into Expel’s unified platform. Crucially, the solution’s flexibility allows it to scale seamlessly with Visa’s growth, adapting to new acquisitions and evolving security landscapes with ease.

“By expanding our cybersecurity toolkit with Expel’s solutions, we’re enhancing Visa’s security posture across the board, for our core operations, our acquired entities, and our entire corporate ecosystem,” says Soman. And the solution supports Visa’s proactive approach to cybersecurity, recognizing the need for adaptable solutions in a dynamic threat environment.

“Looking ahead, our focus is on continuously improving our integration timelines,” Soman explains. “We’re working closely with Expel to streamline the onboarding of new security tools and capabilities. This agility is crucial in the rapidly evolving fintech landscape.”