✅ Significantly reduced identity-related security risk
✅ Enabled 24x7 near real-time visibility into security operations through the Cegeka Cyber Resilience Dashboard
✅ Improved threat detection and response with 24x7 monitoring from the Cegeka Modern SOC
✅ Continuous security operations are more effective than one-time assessments
✅ Risk validation enables better prioritization and executive alignment
✅ Healthcare security programs succeed when people, processes, and technology are aligned
"Baptist was seeking a strategic partner that could not only provide improved 24x7 monitoring, but also provide formalized structure around technology risk assessments, sustainable cybersecurity policy and procedure development, and senior leadership confidence in overall security posture. Cegeka has successfully assisted on all these fronts."
– Tom Della Flora, Vice President and Chief Information Officer, Baptist Health Care
Baptist Health Care (Baptist), a healthcare system in the United States operating multiple hospitals, medical parks, specialty centers, and an extensive physician network, faced growing cybersecurity risks as its digital footprint expanded. Like many healthcare organizations, it operates in a highly regulated environment where downtime directly impacts patient care, making business continuity and cyber resilience critical priorities.
Although foundational security controls were in place, Baptist leadership lacked a unified, real-time view of the organization's security posture and operations. Security data was fragmented across multiple tools, making it difficult to consistently identify, prioritize, and respond to threats. The organization sought to improve visibility, strengthen threat detection and response capabilities, and establish a sustainable operating model for managing cyber risk without disrupting clinical operations.
This created an opportunity to move from reactive, assessment-driven security activities to a continuous cybersecurity program aligned with healthcare realities. Leveraging the expertise of CTG, a Cegeka company, together with Cegeka's cybersecurity services and the Cegeka Cyber Resilience Dashboard, Baptist gained end-to-end visibility into security operations and a roadmap for continuous improvement.
CTG, a Cegeka company, partnered with Baptist Health Care using a phased approach designed to validate risk, establish a strong security baseline, and operationalize continuous security capabilities.
The initial phase focused on establishing clarity and confidence through:
A comprehensive cybersecurity assessment aligned with a structured security framework and delivered through the Cegeka Security Advisory Framework
External and internal penetration testing to validate real-world exposure
Identity and cloud security posture assessments to identify priority risk areas
Foundational security improvements guided by prioritized risk findings
These activities provided Baptist leadership with a clear, evidence-based understanding of cyber risk and a practical roadmap for improvement, balancing risk severity, operational impact, and remediation effort.
With a prioritized roadmap in place, the focus shifted from understanding the environment to embedding cybersecurity into daily operations through:
Deployment of Cegeka Security Operations Center (SOC) Services
Continuous vulnerability and compliance management
Cegeka Managed Detection & Response (MDR) across identity, endpoint, and cloud environments
24x7 security monitoring, threat hunting, and incident response
Ongoing cybersecurity advisory services to align operations, governance, and strategy
This phase shifted Baptist from periodic assessments to continuous security operations, improving response readiness while reducing the operational burden on internal teams.
The phased approach delivered meaningful and measurable improvements across the Baptist organization:
Significant reduction in identity-related security risk, reflecting stronger directory hygiene and reduced attack paths
96.5% decrease in PingCastle score
22.4% increase in Microsoft Secure Score
Steady improvement in cloud security maturity through prioritized remediation
Near real-time visibility into security posture through the Cegeka Cyber Resilience Dashboard
Faster detection and response to security events
Increased leadership confidence in incident readiness and operational resilience
Most importantly, cybersecurity evolved from a series of disconnected activities into a coordinated, sustainable operating model that supports patient care rather than competing with it.
As a trusted partner, CTG, a Cegeka company, continues to strengthen Baptist's security posture through Cegeka Managed SOC Services, cybersecurity advisory support, and continuous optimization of security operations to stay ahead of evolving threats and strengthen cyber resilience.