CIO - Molina Healthcare
Accounting for 79% of all breaches till November 2020, the healthcare and healthcare insurance industry has been witnessing a heightened frequency of high-impact cyber-attacks. Healthcare enterprises typically maintain data repositories constituting not just financial information but also personal and clinical data. Molina Healthcare comprises a treasure trove of highly sensitive Personally Identifiable Information (PII) and Protected Health Information (PHI) data for its 3.6 million customers. While Social Security numbers and credit card information usually sell for USD 1 to USD 110, medical records can be sold for up to USD 1000 in the underground marketplaces owing to the data’s utility in nefarious activities comprising identity theft and financial fraud.
Committed to securing Molina Healthcare’s IT environment, critical applications, and patient PII/PHI, Amir brought in SAFE Security to conduct red teaming exercises to closely mimic a real hacker’s active and covert attack methods as part of due diligence. SAFE Security’s Red Team executed a real-world, “no-holds-barred” attack scenario on Molina Healthcare’s perimeter infrastructure to test the adequacy of its security tools/controls as well as detection and response capabilities of its Blue Team and Cyber Security team.
While the red teaming exercises helped unearth serious security loopholes that would not otherwise be detected with traditional penetration tests, Amir continued with his pursuit of a real-time, quantified view of resiliency of Molina’s hybrid tech stack.
The hassle of managing multiple spreadsheets, manually combining the assessment results, and tracking the progress in terms of what's being fixed and what's not, consumed painstaking long hours for my team spread across various cities. Thus, the possibility of quantifying the overall risk at technology level/asset level or a BU level was bleak.”
A continuous and clear visibility into the risk posture through dynamic predictions of the breach likelihood (SAFE Score) for Molina’s business critical applications
Overcoming cybersecurity communication barrier by introducing a common vernacular through SAFE
Molina Healthcare, Inc. a Fortune 200 company providing managed health care services. It has a 41-year history of supporting managed care populations serving 3.6 million members covered by government programs such as Medicare and Medicaid.
Healthcare: Insurance and Managed Care
20,000+ employees; heavily regulated (HIPAA, SOX, and PCI)
Benefits of SAFE Enterprise
- A continuous and clear visibility into the risk posture via dynamic predictions of the breach likelihood (SAFE Score) for Molina’s business critical applications.
- Breach Likelihood Score per Employee, Hybrid Asset, LoB/Crown Jewels.
- Overcoming cybersecurity communication barrier by introducing a common vernacular through SAFE.