Case Study: Asklepios (Germany’s healthcare conglomerate) achieves continuous risk monitoring, reduced external attack surface, and regulatory compliance with CyCognito

Healthcare Conglomerate Asklepios Significantly Improves Risk Exposure with CyCognito

Asklepios, Germany’s second-largest private healthcare provider with 170 medical facilities (including 70 hospitals), roughly 50,000 employees and a centralized IT team of 330, faced the twin challenges of protecting highly sensitive patient data and meeting strict regulations such as the BSI Act and the forthcoming EU NIS 2 directive across a sprawling environment of some 5,000 servers, ~25,000 endpoints and 8,000 network devices. To gain visibility and prioritize external risk, Asklepios turned to CyCognito’s platform for continuous external attack-surface monitoring and cyber risk prioritization.

CyCognito delivered an automated, one-click dashboard and continuous monitoring that discovered previously unidentified assets and vulnerabilities, provided remediation guidance, and sent weekly updates to trigger fixes. As a result, Asklepios reduced reliance on lengthy penetration tests, shut down unmanaged websites to significantly shrink its external attack surface, improved remediation efficiency, and gained board-ready reporting — helping ensure compliance with BSI Act requirements and readiness for NIS 2.

Asklepios

Daniel Maier-Johnson

CISO