Jerome’s Furniture: Compliance to Real Security

Horizon3.ai  |  May 21, 2025  |  Customer Stories

Mission:

Jerome’s Furniture is committed to providing high-quality home furnishings at everyday low prices, treating customers like family, and ensuring transparency, service, honesty, quality, and a family-oriented approach in all interactions.

Area of Operation:

Jerome’s Furniture operates primarily in Southern California, with multiple showrooms across the region, including locations in San Diego, Los Angeles, Orange County, and the Inland Empire.

Year Founded:

1954

Number of Staff:

Approximately 600 employees

Problem:

  • Evolving Threat Landscape: Rise in ransomware, data breaches, and supply chain attacks targeting retailers
  • Compliance Fatigue: Reliance on periodic vulnerability scans for PCI DSS left gaps in real-world security
  • Information Overload: Security tools generated massive amounts of vulnerability data with little prioritization
  • Manual Remediation Strain: Small IT team struggled to address thousands of issues effectively
  • False Sense of Security: Compliance didn’t equate to true protection—vulnerabilities remained exploitable

Approach:

  • Security Mindset Shift: IT Director Adam Warren recognized the need to think like an attacker
  • Conference Discovery: Introduced to Horizon3.ai’s NodeZero® at a cybersecurity event
  • Real-World Testing: Embraced continuous, autonomous penetration testing instead of scheduled, point-in-time assessments
  • Trial Run with NodeZero: Deployed the platform in a live environment to emulate attacker behavior safely

“Retailers need to start thinking like attackers—before attackers do.”

– Adam Warren, Director of IT

Solutions:

  • Autonomous Pentesting with NodeZero:
    • Emulated real-world attacks to identify exploitable vulnerabilities
    • Demonstrated lateral movement, privilege escalation, and attack paths
    • Delivered prioritized findings with remediation guidance
  • Immediate Insights:
    • Exposed critical gaps missed by traditional tools
    • Reduced noise and helped the team focus on what really mattered
    • Validated effectiveness of existing controls—not just compliance status
  • Continuous Testing:
    • Allowed Jerome’s to attack itself on demand, mirroring real-world conditions
    • Shifted from a reactive to proactive security strategy

Impact:

  • 75% Reduction in MTTR: Drastically shortened time to fix critical vulnerabilities
  • PCI Compliance Reimagined: Transformed from checkbox exercise to meaningful risk reduction
  • Lower Costs, Higher Efficiency: Replaced multiple legacy tools with a single, smarter solution
  • Improved Security Posture: Gained confidence that defenses are not just compliant—but effective
  • Future-Proofing: Prepared for AI-driven threats by continuing to invest in autonomous, attacker-style assessments
  • Leadership Takeaways:
    • Compliance ≠ Security
    • Attack yourself first—before attackers do
    • Focus on exploitable vulnerabilities
    • Make continuous testing the norm

Fireside Chat: Horizon3.ai and Jerome's Furniture

To hear more directly from Adam at Jerome’s, watch our Fireside Chat.
