Blogs

Cegeka Modern SOC Strengthens Cyber Resilience for Baptist Health Care (U.S.)

Written by Patricia O’Brien | Jul 16, 2026 3:36:44 PM

Client Outcomes

✅ Significantly reduced identity-related security risk

✅ Enabled 24x7 near real-time visibility into security operations through the Cegeka Cyber Resilience Dashboard

✅ Improved threat detection and response with 24x7 monitoring from the Cegeka Modern SOC

Key Takeaways

✅ Continuous security operations are more effective than one-time assessments

✅ Risk validation enables better prioritization and executive alignment

✅ Healthcare security programs succeed when people, processes, and technology are aligned

In Their Words

"Baptist was seeking a strategic partner that could not only provide improved 24x7 monitoring, but also provide formalized structure around technology risk assessments, sustainable cybersecurity policy and procedure development, and senior leadership confidence in overall security posture. Cegeka has successfully assisted on all these fronts."

Tom Della Flora, Vice President and Chief Information Officer, Baptist Health Care

The Challenge and Opportunity

Baptist Health Care (Baptist), a healthcare system in the United States operating multiple hospitals, medical parks, specialty centers, and an extensive physician network, faced growing cybersecurity risks as its digital footprint expanded. Like many healthcare organizations, it operates in a highly regulated environment where downtime directly impacts patient care, making business continuity and cyber resilience critical priorities.

Although foundational security controls were in place, Baptist leadership lacked a unified, real-time view of the organization's security posture and operations. Security data was fragmented across multiple tools, making it difficult to consistently identify, prioritize, and respond to threats. The organization sought to improve visibility, strengthen threat detection and response capabilities, and establish a sustainable operating model for managing cyber risk without disrupting clinical operations.

This created an opportunity to move from reactive, assessment-driven security activities to a continuous cybersecurity program aligned with healthcare realities. Leveraging the expertise of CTG, a Cegeka company, together with Cegeka's cybersecurity services and the Cegeka Cyber Resilience Dashboard, Baptist gained end-to-end visibility into security operations and a roadmap for continuous improvement.

The Solution and Results

CTG, a Cegeka company, partnered with Baptist Health Care using a phased approach designed to validate risk, establish a strong security baseline, and operationalize continuous security capabilities.

Phase 1: Baseline and Risk Validation

The initial phase focused on establishing clarity and confidence through:

  • A comprehensive cybersecurity assessment aligned with a structured security framework and delivered through the Cegeka Security Advisory Framework

  • External and internal penetration testing to validate real-world exposure

  • Identity and cloud security posture assessments to identify priority risk areas

  • Foundational security improvements guided by prioritized risk findings

These activities provided Baptist leadership with a clear, evidence-based understanding of cyber risk and a practical roadmap for improvement, balancing risk severity, operational impact, and remediation effort.

Phase 2: Operationalizing Cybersecurity

With a prioritized roadmap in place, the focus shifted from understanding the environment to embedding cybersecurity into daily operations through:

  • Deployment of Cegeka Security Operations Center (SOC) Services

  • Continuous vulnerability and compliance management

  • Cegeka Managed Detection & Response (MDR) across identity, endpoint, and cloud environments

  • 24x7 security monitoring, threat hunting, and incident response

  • Ongoing cybersecurity advisory services to align operations, governance, and strategy

This phase shifted Baptist from periodic assessments to continuous security operations, improving response readiness while reducing the operational burden on internal teams.

Outcomes and Impact

The phased approach delivered meaningful and measurable improvements across the Baptist organization:

  • Significant reduction in identity-related security risk, reflecting stronger directory hygiene and reduced attack paths

  • 96.5% decrease in PingCastle score

  • 22.4% increase in Microsoft Secure Score

  • Steady improvement in cloud security maturity through prioritized remediation

  • Near real-time visibility into security posture through the Cegeka Cyber Resilience Dashboard

  • Faster detection and response to security events

  • Increased leadership confidence in incident readiness and operational resilience

Most importantly, cybersecurity evolved from a series of disconnected activities into a coordinated, sustainable operating model that supports patient care rather than competing with it.

As a trusted partner, CTG, a Cegeka company, continues to strengthen Baptist's security posture through Cegeka Managed SOC Services, cybersecurity advisory support, and continuous optimization of security operations to stay ahead of evolving threats and strengthen cyber resilience.