Skip to main content
Request a Demo

National Medical Insurance Provider Quantifies Risk

Industry

Healthcare

Company Type

Medical Insurance Provider

Company Size

40 Independent Operating Companies

Learn about persistent threats, lessons for the future, and how ThreatConnect is working to protect its customers.

Challenge

Healthcare Cyber Risk: The healthcare company was unable to consistently measure cyber risk across its member companies, and had difficulty accurately showing the potential financial impact of a successful attack. They also were challenged by subjective project prioritization that did not use risk impact analysis to drive decisions.

The project centered on achieving an aggregate view of the greatest financial cyber risks across all 40 member companies so the Chief Information Security Officer could effectively prioritize resources and have impactful monetary discussions with the Board.

The CISO also wanted to give each member company a snapshot of their greatest financial risks.

Solution

ThreatConnect Risk Quantifier (RQ) provided the client the ability to objectively look at risk as a portfolio, across all of their member companies and prioritize resources by return-on-investment to buy down the most risk. RQ’s automated approach to cyber risk quantification for short time-to-value was critical to making CRQ a reality for this small team.

Outcome

By leveraging ThreatConnect RQ, the CISO of the parent company now has a window of insight into the risk posture of dozens of independent operating companies and can rank them accordingly. The CISO is also using RQ to understand which company is doing well and which isn’t to help for awareness and to prioritize where to focus resources. By enabling each independent company to visualize their greatest financial risks, the CISO was able to lead data-driven discussions with the Board of Directors.

By deploying ThreatConnect RQ, the client was able to:

  • Justify spend and security investments across an enterprise portfolio company
  • Compare and contrast investments and initiatives to risk reduction
    • If I spend “X” will I get “Y”? Is it worth it?
    • Prioritize which investments you make, when, where and how
  • Determine and track critical assets
  • Help organizations identify (and quantify) what their critical assets are, and track them:
    • Apps that house critical PXI data (PCI, PHI, PII) and data records
    • Apps critical to business operations (revenue generation)
    • Holding something of financial value (Intellectual Property)
  • Prioritize vulnerabilities by financial impact

Read Next:

Healthcare

Large Hospital and Healthcare System – Phishing Automation and Bulk Importing and Enrichment of Indicators

Challenge

This Large health system's major challenges focused on automating Threat Intelligence collection, IOC enrichment, workflow templates, and Case Management. Use cases included phishing automation, bulk importing, and enrichment of indicators using VirusTotal, with scoring criteria based on VirusTotal results.

Solution

ThreatConnect's intelligence-powered security operations capabilities allowed the security team to streamline operations by creating automated workflows and playbooks, reducing manual steps. This solution involved multiple tool integrations for improved efficiency.
Technology

Maturing Cybersecurity Infrastructure with Intelligence-Powered Security Operations

Challenge

Using manual methods to track Indicators of Compromise (IOCs) on an immature security stack with multiple silos.

Solution

Free up the team to improve morale and to more strategically leverage existing technology investments at scale to meet the business needs.
Technology

Large Enterprise Needed Centralized Threat Intelligence Management

Challenge

This large technology client sought a centralized repository of threat intelligence to unify contextualized data, facilitate collaboration, and drive prioritization. The only viable solution to these challenges had to collect, normalize, and disseminate data while enabling analysis for actionable threat intelligence.

Solution

ThreatConnect automates the aggregation of internal and external threat intelligence, freeing up teams to focus on analysis and response. With in-platform analytics providing context and relevance, actions can be performed automatically or manually. Seamless integration with security tools and customization of workflows helps optimize SOC team processes. ThreatConnect became this company's system of record for threat intelligence processes and collaboration.