trava case study:

Zonos now has cyber risk management strategy with clarity, efficiency and confidence in what they are doing as a business.

Zonos: scaling international commerce securely

Founded in 2009
#1 in duty and tax
Case in St George, UT
#1 top work places 2020

About Zonos

Zonos decodes the complexity of cross-border commerce. Their advanced technology and APIs make it simple for businesses to manage the common challenges of international e-commerce. The Zonos landed cost engine can be easily integrated with plug-ins for shopping cart platforms such as: Magento, Salesforce, Shopify, and BigCommerce. Many online merchants use Zonos to expand their business internationally.

Opportunity

During a tech company’s early stages of growth, critical security controls can be immature. This exposes those companies to serious cybersecurity risks. Zonos knew that they could get ahead of the risk curve by gaining better visibility into their vulnerabilities. When Andrew Spencer joined Zonos in 2021, he created a strong cyber risk strategy and looked for ways to inform cybersecurity priorities with relevant data. 

Clearly seeing that a robust risk management solution was needed, Andrew set out to find a partner that could:

  • measure the maturity of their security controls,
  • identify, quantify and track risks, and
  • help understand risks to prioritize mitigation.

“We really wanted visibility into risks and to be more proactive in managing them.” -Andrew Spencer, VP of Engineering

“We were working with large customers asking about our security posture, and we knew that finding something that could help us with our security posture was the best place to start. We discovered Trava and realized they’d be a good partner. I was able to meet with Jim [Goldman] and quickly understood how he and Trava would be able to help us as a vCISO.”

Bradly ruggles

CEO & Co-Founder of Encamp

Bradly ruggles

CEO & Co-Founder of Encamp

Andrew Spencer

VP of Engineering

Why Trava

Zonos is growing with enterprise-level customers and Trava has helped them create a strong security posture to enable this growth.

During the search for a risk mitigation company, Zonos spoke with a few different providers and Trava stood out as the best possible partner.

Trava is a comprehensive solution

Trava does fractional CISO work, which is exactly what Zonos was looking for. Zonos uses Trava's tools to run assessments for their cybersecurity compliance needs which are identified through cyber risk assessments.

“Trava has helped us raise awareness. The phishing campaigns remind everyone about the cybersecurity threats that exist, the risk assessments help the operations teams know where to focus, and the security scans help us to identify vulnerabilities that need to be addressed.” -Andrew Spencer, VP of Engineering

The Zonos team also relies on Trava’s Social Engineering feature in the product. Through Social Engineering, Zonos rolls out phishing campaigns across their team. Zonos also runs vulnerability scans through Trava.

Trava brings focus and guidance

Trava has helped Zonos dial in its focus. The company doesn't have a full-time CISO, and with Trava's fractional CISO work, they don’t need one.

"Given Trava's expertise, it would be tough to find a CISO with the same combined experience." -Andrew Spencer, VP of Engineering

Outcome

Working with Trava on a cyber risk management strategy has brought Zonos clarity, efficiency and confidence in what they are doing as a business. Zonos customers now have peace of mind when the company can give detailed responses about the steps that are taken to secure their data and their customers’ data.

“Trava has definitely helped us do more with less. We're a very lean team… Trava helps us be hyper efficient and confident in our security posture, even though we don't have a large SecOps team.” -Andrew Spencer, VP of Engineering