GET A DEMO

case study

How Vulcan Cyber helps Verana Health unify security and cut risk exposure

Healthcare IT is an ongoing battleground; companies handling secure health data find themselves constantly under attack. In this case study, we’ll explore how one growing healthcare data analytics company streamlined and simplified cyber risk management, cutting vulnerabilities and hassles with Vulcan Cyber®.

The problem

  • Multiple sources of vulnerability data caused chaos and prevented prioritization.
  • Patch management fatigue.
  • Poor communication around vulnerabilities and business risk.
  • Overloaded teams scrambling to meet SLAs without adequate data.

Vulcan Cyber benefits

  • Increase in number of vulnerabilities patched within the SLA due to greater efficiency.
  • Improved accuracy of vulnerability prioritization thanks to Vulcan Cyber risk scoring.
  • Decrease in overall mean time to remediation.
  • Single pane of glass for vulnerability risk.
  • Tracking and reporting of KPI/metrics to demonstrate ROI for C-suite and teams.

 

About Verana Health

Verana Health is a digital health analytics company that provides healthcare organizations with insights into patient data to help healthcare providers improve the quality and efficiency of care.

Verana’s platform analyzes large amounts of data quickly and efficiently using artificial intelligence and machine learning. Because they handle protected health information (PHI) and personally identifiable information (PII), Verana is subject to stringent regulatory standards and must take extensive measures to ensure that patient data is secure.

The healthcare industry at a glance

  • According to IBM, healthcare remains the industry with the most expensive data breach costs, escalating from $10.10m in 2022 to $10.93m in 2023, marking an 8.2% growth. 
  • Healthcare organizations are increasingly under attack, both for the valuable information they handle and for the hefty ransoms they are willing to pay.
  • 47% of healthcare IT professionals said their organization had been attacked in the previous 2 years.
  • Out of 870 ransomware reports to the FBI in 2022 across 14 major sectors, healthcare experienced over one-third more incidents (33.8%) than the second-most vulnerable sector.

The situation

  • Assets were incomplete and incorrectly categorized.
  • Different vulnerabilities from different sources, but no unified view of vulnerabilities.
  •  Struggle to communicate cyber risk to business and technical owners.
  • Relatedly, there was an ongoing effort to change the culture to one more aware of vulnerability risk.
  • Lack of correlation made remediation difficult with limited resources.

The process

  • Vulcan Cyber helps establish automated alerting and remediation playbooks to ensure consistent, error-free workflows.
  • Single pane of glass provides a centralized view of all vulnerabilities for a comprehensive understanding of overall security posture.
  • By correlating vulnerability risk with business risk, Verana has the data they need to prioritize remediation decisions.
  • Threat intelligence ensures that Verana understands the full potential impact of vulnerabilities.
  • Automated remediation processes ensure fast, efficient solutions that reduce the risk of an exploit and keep Verana’s security posture as strong as possible.

The results

  • Unified view of vulnerabilities simplifies tracking and prioritization.
  • Improved risk correlation for educated prioritization and decision-making. 
  • Streamlined communication throughout the organization around the significance of timely vulnerability remediation.

Challenge

Verana faced a number of challenges in their vulnerability management program. The volume of vulnerabilities was increasing, the complexity of the vulnerabilities was becoming more difficult to understand and prioritize, and the security team was feeling overloaded.

Operating in the healthcare IT world and handling significant volumes of PHI and PII, Verana realized the stakes were high. The implications of a potential breach included financial losses, regulatory penalties, and reputational damage.

They wanted to improve their vulnerability management program to reduce their overall risk exposure. They understood that they needed to find a way to prioritize vulnerabilities, because within the current ecosystem—with limited resources and a busy security team—they couldn’t possibly fix everything, thus making it crucial to find the most exposed areas and fix them first. 

They also realized that without a centralized view of vulnerabilities and risk correlation, they would continue to experience severe inefficiencies around risk prioritization. They also needed to improve communication and the culture within their organization, raising awareness of the risks and improving accountability.

Solution

Vulcan Cyber ingests all of Verana’s existing vulnerability data, including vulnerability scan reports, asset inventory data, and configuration data. It then uses this data to create a centralized view of Verana’s vulnerability landscape.

This view gives Verana’s teams information about the severity of each vulnerability, the assets affected, and the business impact of each vulnerability, guiding them to prioritize vulnerabilities efficiently and focus on remediating the vulnerabilities that pose the greatest threat to their business. Vulcan Cyber then provides Verana with remediation recommendations for each vulnerability, including steps to remediate it.

The platform also helps Verana track the progress of the remediation process with concrete KPIs and metrics, ensuring a clear understanding of which vulnerabilities have been remediated, which vulnerabilities are still outstanding, and time to remediate each vulnerability. With the platform’s reporting capabilities, Verana’s security teams can also communicate more effectively with their stakeholders about their vulnerability management program and progress in this department.

Vulcan Cyber has improved Verana’s overall vulnerability management in a number of ways:

  • Establishing straightforward remediation orchestration playbooks.
  • Providing a centralized view of vulnerabilities.
  • Prioritizing vulnerabilities based on threat intelligence, business context, and attack path methodologies.
  • Tracking and reporting on risk state and remediation progress. 

 

Since working with Vulcan Cyber, Verana has reduced their volume of vulnerabilities along with their mean time to remediation, cutting overall risk exposure and protecting themselves from a number of potential threats. This was a critical goal for Verana as their business model grew and expanded, and Vulcan Cyber has ensured that their vulnerability management solution grows and scales with their organization, preserving their data and reputation as they grow.

Want to learn more?

Whatever industry you’re in, Vulcan Cyber can help. If your teams are overloaded and struggling to meet SLAs in the face of vulnerability chaos, check out our latest resources or get your free demo today.

Watch the full session of Verana Health from the CyberRisk Summit 2023 >>

Nisl aliquam lectus placerat augue adipiscing congue

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Mauris id nulla amet ut lectus. Sociis est sit habitant aliquam rutrum in ultrices. Est egestas bibendum pellentesque adipiscing. Iaculis mauris justo blandit viverra mauris, nunc. Faucibus ac lorem nibh eget dolor, rutrum ipsum. Nulla in neque porttitor viverra dolor amet at. Enim, elementum, ultrices netus non egestas pretium condimentum. Malesuada maecenas vulputate interdum suspendisse vestibulum purus sed in facilisis. Dignissim tellus dictum dictumst aliquam elit amet orci.

Nisl aliquam lectus placerat augue adipiscing congue

Id cursus ipsum nibh vitae. Ut fringilla amet, amet, et non congue aliquam et tempor. Risus id feugiat pretium porttitor augue eget auctor fusce. Auctor tortor massa orci vel nam id in sagittis, in. Porta sit in elementum dictum fermentum, id. Bibendum molestie bibendum tincidunt nullam blandit suscipit nisl, magna. Tortor vel elit ultrices pretium a sit rutrum.

Consequat tellus donec tortor et nibh at elementum adipiscing nisl

Et faucibus justo, quis mauris amet, in placerat.

Euismod auctor blandit ullamcorper ante sagittis, sodales risus bibendum. Turpis sed nunc nibh adipiscing dis in sed. Amet non eros sed mi risus. Diam consequat vel, vitae, justo, ultrices. Viverra nisl urna sed quam venenatis mauris rhoncus. Rhoncus libero sapien, at vitae sed viverra lacus aenean. Et arcu vivamus eu imperdiet morbi turpis senectus. Orci, morbi sodales aliquam at orci vestibulum phasellus. risus amet metus ultrices turpis ante. Sodales mollis donec lectus eleifend etiam faucibus justo, aliquet. Elit, elementum diam aenean hac purus vitae sodales in. At ut faucibus habitant posuere. Facilisi nibh posuere elit gravida molestie nulla.

Malesuada in sed ac quis egestas venenatis

1. Vitae, est, egestas ipsum

consectetur sodales ut ullamcorper. In amet mauris commodo aliquam ut. Orci varius rutrum fringilla elementum lorem turpis pellentesque posuere tellus. Ipsum, viverra molestie lobortis nec cras vestibulum vivamus nunc. Amet sollicitudin pharetra, ac, diam, donec ridiculus iaculis interdum. Amet tincidunt fusce metus at. Risus viverra lobortis eu nunc in. Sed lorem non sit mauris elit.

Description for image

Et faucibus justo, quis mauris amet, in placerat

Euismod auctor blandit ullamcorper ante sagittis, sodales risus bibendum. Turpis sed nunc nibh adipiscing dis in sed. Amet non eros sed mi risus. Diam consequat vel, vitae, justo, ultrices. Viverra nisl urna sed quam venenatis mauris rhoncus. Rhoncus libero sapien, at vitae sed viverra lacus aenean. Et arcu vivamus eu imperdiet morbi turpis senectus. Orci, morbi sodales aliquam at orci Dui link luctus metus ultrices turpis ante. Sodales mollis donec lectus eleifend etiam faucibus justo, aliquet. Elit, elementum diam aenean hac purus vitae sodales in. At ut faucibus habitant posuere. Facilisi nibh posuere elit gravida molestie nulla.

Vulcan Cyber Benefits

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

About Mandiant

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Challenge

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Solution

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Results

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Want to hear more?

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.