Simplify, Secure, and Scale: How Insignia Financial Strengthened Cyber Resilience and Compliance After a Major Merger

Building resilience in a complex, regulated environment

Insignia Financial manages more than $320 billion in assets and serves more than two million Australians. As part of the country’s critical infrastructure, the firm faces high expectations for cybersecurity. After merging three large organizations, Insignia inherited a fragmented IT environment. It needed to secure that environment quickly to protect financial systems and meet tough regulatory requirements.

“We’re considered critical infrastructure in Australia,” said James Ng, Chief Information Security Officer at Insignia Financial. “That comes with a responsibility to our customers and to the financial system as a whole.”

Recent breaches across the country raised the stakes. With regulators tightening standards and attackers growing more aggressive, Insignia knew it needed more than firewalls. It needed to contain threats before they could spread.

Too many vendors, too little visibility

The merger left Insignia managing more than 40 different security vendors. “We had three of everything,” said Ng. “It wasn’t just expensive — it was operationally unmanageable.”

The team started with macro segmentation — creating broad zones to separate major systems and reduce cross-network risk. But that wasn’t enough. It needed microsegmentation for fine-grained visibility to find and fix gaps fast. Legacy systems made that harder — some couldn’t support endpoint agents, which left critical assets exposed.

“We needed a way to reduce risk without waiting until every tool and every asset was perfect,” said Ng. “We couldn’t afford to let perfect be the enemy of progress.”

From prevention to containment — and everything in between

Insignia Financial leveraged Illumio to take better control. Its host-based segmentation gave the team immediate visibility and insights. “From the moment we deployed in passive mode, we were able to identify risk behaviors,” said Ng. “RDP where it shouldn’t be, SSH in unexpected places — it was all there.”

The team used this visibility to shut down bad practices and align network traffic to internal policies. That visibility paid off again during a real-world incident.

‍

A legacy system — one without endpoint protection — was compromised. Illumio let the team isolate it immediately. “We used Illumio to ring-fence the asset in real time,” said Ng. “It bought us the time we needed to investigate without impacting the business. That was a big win.”

Now, Insignia is simplifying its toolset and advancing its Zero Trust strategy. As Ng explained, “Illumio helps us simplify, secure, and scale,” said Ng. “It’s not just containment — it’s confidence.

‍
From the moment we deployed in passive mode, we were able to identify risk behaviors. RDP where it shouldn’t be, SSH in unexpected places — it was all there.

James Ng
Chief Information Security Officer
Insignia Financial

Results and Benefits

Real-time visibility across a complex environment
Insignia has instant insight into traffic across its hybrid cloud workloads — exposing risky behaviors and legacy practices before they can become large-scale disasters.

Faster containment when every second counts
The security team used Illumio to isolate a compromised legacy system in real time, limiting the blast radius and buying time to investigate. Going forward, it is equipped to ensure immediate containment if another security incident arises.

Support for Zero Trust across merged organizations
Illumio helps enforce segmentation across disparate environments, streamlining operations and strengthening Insignia Financial’s Zero Trust posture.

Tool consolidation, reducing complexity
By eliminating duplicative vendors and surfacing actionable telemetry, Insignia Financial reduced complexity and improved control.

‍