Skip to main content
Case studies

Cyber Threat Modeling

Cyber Threat Modeling

Requirement

Assist a large Software as a Service (SaaS) healthcare provider with comprehensive cyber threat modeling measures for their growing business.

Issues

The client was experiencing strong growth with their industry leading SaaS platform offering, but were also concerned about growing cybersecurity threats that could damage their product offering, and their reputation.

Senior leadership wanted to determine what cyber threats existed against their SaaS platform, and what, if any, countermeasures were in place, and what additional measures needed to be implemented.

Additional issues for the client

No Real Experience with the Concept of Cyber Threat Modeling: While the client was well aware of the broader topic of cybersecurity, they had never performed any type of cybersecurity exercise relating to the concept of cyber threat modeling.

No Cybersecurity/Compliance Officer: The client had nobody formally in charge of cybersecurity or compliance, as a result, their exposure to cybersecurity measures in terms of threat modeling, was very limited.

Solution

Centris deployed a team of cybersecurity experts that successfully accomplished the following:

  • Defined project scope and client participation.
  • Identified all control gaps and recommendations for remediation.
  • Completely reviewed all current security policy documentation and began authoring new BoA GIS specific policies and procedures.
  • Established contact and working relationships with all in-scope third-party vendors to begin the all-important task of identifying all external suppliers.
  • Defined project scope and client participation.
  • Agreed upon a set of industry leading cybersecurity threat modeling parameters to utilize
  • Identified all control gaps and recommendations for remediation (both from a security and documentation standpoint).
  • Completely reviewed all InfoSec documentation and began authoring new cybersecurity specific policies and procedures.
  • Sourced a number of much-needed security tools (i.e., File Integrity Monitoring, Data Loss Prevention, Intrusion Detection Systems, Multi-Factor Authentication, Vulnerability Scanning, and more) for helping strengthen the client’s security posture.

Outcome

  • Implemented a wide-range of security and operational measures for helping greatly strengthen the client’s cyber preparedness and overall network security.
  • Created a true culture of compliance where employees now understand and value information security, cybersecurity, and data privacy.
  • Implemented a continuous monitoring program for ensuring cybersecurity controls are properly monitored long after the consultants are gone.

Duration: 3.5 Months

Get the case study

Download the case study
Why Centris
As an internationally recognized business consulting firm, our highly trained employees work in every conceivable industry/sector in the global business arena. Centris has the knowledge and expertise you need for solving the challenges you’re facing. Our professionals are at the forefront of many of today’s most pressing risk, privacy, cybersecurity and compliance issues affecting organizations. We have a deep bench of talented professionals ready to go to work for you.
Ready to talk?