Case Study: Healthcare organization achieves industry-leading cybersecurity maturity and reduced cyber risk with Protiviti

Healthcare organization commits to raising its cybersecurity competency to buck the industry norm

Healthcare Organization — a large hospital and physician group network experiencing rapid 20% annual growth — faced mounting cyber threats and an understaffed, reactive IT security function. To assess and shore up its defenses, the Healthcare Organization engaged Protiviti for a three-month ISO 27001/2 assessment to identify gaps and prioritize improvements.

Protiviti designed and led a program of roughly 30 remediation and training initiatives (including interim CISO support, data protection technologies, vulnerability mitigation, third‑party risk management, identity/database hardening, ongoing vulnerability testing and staff training), and helped scale staffing via its managed services partner. As a result, identity management risk fell 53%, phishing recognition more than doubled versus 2015, staff levels grew about fourfold, attrition dropped, and the organization’s CMM ranking rose to the high end of the healthcare industry average.