CIO - Molina Healthcare
Accounting for 79% of all breaches till November 2020, the healthcare and healthcare insurance industry has been witnessing a heightened frequency of high-impact cyber-attacks. Healthcare enterprises typically maintain data repositories constituting not just financial information but also personal and clinical data. Molina Healthcare comprises a treasure trove of highly sensitive Personally Identifiable Information (PII) and Protected Health Information (PHI) data for its 3.6 million customers. While Social Security numbers and credit card information usually sell for USD 1 to USD 110, medical records can be sold for up to USD 1000 in the underground marketplaces owing to the data’s utility in nefarious activities comprising identity theft and financial fraud.
Committed to securing Molina Healthcare’s IT environment, critical applications, and patient PII/PHI, based on recommendation from Molina’s service partner, Infosys, Amir brought in SAFE Security to conduct red teaming exercises to closely mimic a real hacker’s active and covert attack methods as part of due diligence. SAFE Security’s Red Team executed a real-world, “no-holds-barred” attack scenario on Molina Healthcare’s perimeter infrastructure to test the adequacy of its security tools/controls as well as detection and response capabilities of its Blue Team and Cyber Security team.
While the red teaming exercises helped unearth serious security loopholes that would not otherwise be detected with traditional penetration tests, Amir continued with his pursuit of a real-time, quantified view of resiliency of Molina’s hybrid tech stack.
The hassle of managing multiple spreadsheets, manually combining the assessment results, and tracking the progress in terms of what's being fixed and what's not, consumed painstaking long hours for my team spread across various cities. Thus, the possibility of quantifying the overall risk at technology level/asset level or a BU level was bleak.”
A continuous and clear visibility into the risk posture through dynamic predictions of the breach likelihood (SAFE Score) for Molina’s business critical applications
Overcoming cybersecurity communication barrier by introducing a common vernacular through SAFE
Cyber Security Practice - Infosys
Molina Healthcare, Inc. a Fortune 200 company providing managed health care services. It has a 41-year history of supporting managed care populations serving 3.6 million members covered by government programs such as Medicare and Medicaid.
Healthcare: Insurance and Managed Care
20,000+ employees; heavily regulated (HIPAA, SOX, and PCI)
Benefits of SAFE Enterprise
- A continuous and clear visibility into the risk posture via dynamic predictions of the breach likelihood (SAFE Score) for Molina’s business critical applications.
- Breach Likelihood Score per Employee, Hybrid Asset, LoB/Crown Jewels.
- Overcoming cybersecurity communication barrier by introducing a common vernacular through SAFE.
Infosys is a global leader in next-generation digital services and consulting. We enable clients in 46 countries to navigate their digital transformation. With four decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change.
We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem. Visit www.infosys.com to see how Infosys (NYSE: INFY) can help your enterprise navigate your next.