HumanGood Empowers IT Team to Reduce Network and Cloud Risk with NetSPI PTaaS

Challenge: Lack of visibility and detail to network and cloud risk

HumanGood, the sixth-largest not-for-profit provider of senior housing and services in the United States, faced challenges in augmenting its small IT department. Their team needed to ensure they could maintain their cloud security posture, as well as protect their internal and external networks. An employee-to-IT staff ratio of 135 to one meant the IT department was already resource constrained. Additionally, their health care facilities and skilled nursing services made them vulnerable to risks from cyberattackers targeting the health care industry.

The company needed to partner with a proven organization that could deliver quality testing, with significant detail and ongoing guidance. However, the team felt there was a lack of detail and thoroughness in the reporting they received, which made them concerned about their small IT team not fully understanding their risk.

Solution: PTaaS on the NetSPI Platform for quality, communication, and efficacy

HumanGood decided to engage NetSPI penetration testing as a service (PTaaS) to test both their internal and external network, as well as the cloud. A key reason for engaging NetSPI was the comprehensive approach and real-time communication that the platform delivered. The company was looking for a true partner to help its team, and a way to deeply understand the vulnerabilities and exposures that were most critically important. The nimble IT team at HumanGood was able to leverage a single easy-to-use platform for testing, one they could keep referring to as long as needed to understand the implications of their results.

PTaaS on NetSPI’s Platform also enabled the team to engage in conversation with the security experts at NetSPI, receiving both guidance, detailed information, and clarification about their most critical issues for remediation in real time. This continuous engagement has been a force multiplier for the resource-constrained team.

“I’m a big believer in doing penetration testing every year. We do have healthcare facilities, skilled nursing – and those tend to be targets for malicious actors. So, I wanted to make sure we were ready for anything.”

– Dawn Armstrong, Vice President of IT Operations

Results: Accelerated time to remediation with detailed in-depth assessments

Streamlined path to retesting and staying ahead of potential threats

HumanGood was able to take advantage of the proactive involvement of the NetSPI team to ensure they focused on the most critical vulnerabilities. They effectively utilized their internal team and kept to their strict budget requirements. HumanGood successfully reduced costs thanks to the deep insights and prioritization capabilities of The NetSPI Platform, combined with the expertise of our in-house security experts. As a result, only one significantly critical retest was necessary.

The NetSPI Platform, along with a collaborative approach and seamless communication with in-house security experts, empowered the HumanGood team with the deep understanding they needed to feel more confident in addressing the company’s cybersecurity posture challenges. NetSPI’s approach of combining people, process, and technology gave HumanGood the peace of mind that they invested in quality testing. NetSPI’s ability to simulate realistic threat actor behavior gave the HumanGood IT team the confidence they need to stay ahead of potential threats.

“I’m not really interested in [vendors] that do automated pentesting. I need somebody to be in there behaving like they were a hacker. And that’s why I used [NetSPI] twice in a row, and I may use [NetSPI] three times in a row, because every year, despite us diligently nailing down what you find, you’re able to dig back in.”

– Dawn Armstrong, Vice President of IT Operations