HumanGood Empowers IT Team to Reduce Network and Cloud Risk with NetSPI PTaaS
About HumanGood
HumanGood is the sixth-largest not-for-profit provider of senior housing and services in the United States.
For more information, visit www.humangood.org
NetSPI Solutions
Penetration Testing as a Service (PTaaS)
Industry
Non-Profit – Housing and Health Care for Seniors
Employee Count
5,500
Headquarters
Duarte, California
Challenge: Lack of visibility and detail to network and cloud risk
HumanGood, the sixth-largest not-for-profit provider of senior housing and services in the United States, faced challenges in augmenting its small IT department. Their team needed to ensure they could maintain their cloud security posture, as well as protect their internal and external networks. An employee-to-IT staff ratio of 135 to one meant the IT department was already resource constrained. Additionally, their health care facilities and skilled nursing services made them vulnerable to risks from cyberattackers targeting the health care industry.
The company needed to partner with a proven organization that could deliver quality testing, with significant detail and ongoing guidance. However, the team felt there was a lack of detail and thoroughness in the reporting they received, which made them concerned about their small IT team not fully understanding their risk.
Solution: PTaaS on the NetSPI Platform for quality, communication, and efficacy
HumanGood decided to engage NetSPI penetration testing as a service (PTaaS) to test both their internal and external network, as well as the cloud. A key reason for engaging NetSPI was the comprehensive approach and real-time communication that the platform delivered. The company was looking for a true partner to help its team, and a way to deeply understand the vulnerabilities and exposures that were most critically important. The nimble IT team at HumanGood was able to leverage a single easy-to-use platform for testing, one they could keep referring to as long as needed to understand the implications of their results.
PTaaS on NetSPI’s Platform also enabled the team to engage in conversation with the security experts at NetSPI, receiving both guidance, detailed information, and clarification about their most critical issues for remediation in real time. This continuous engagement has been a force multiplier for the resource-constrained team.
“I’m a big believer in doing penetration testing every year. We do have healthcare facilities, skilled nursing – and those tend to be targets for malicious actors. So, I wanted to make sure we were ready for anything.”
– Dawn Armstrong, Vice President of IT Operations
Results: Accelerated time to remediation with detailed in-depth assessments
Streamlined path to retesting and staying ahead of potential threats
HumanGood was able to take advantage of the proactive involvement of the NetSPI team to ensure they focused on the most critical vulnerabilities. They effectively utilized their internal team and kept to their strict budget requirements. HumanGood successfully reduced costs thanks to the deep insights and prioritization capabilities of The NetSPI Platform, combined with the expertise of our in-house security experts. As a result, only one significantly critical retest was necessary.
The NetSPI Platform, along with a collaborative approach and seamless communication with in-house security experts, empowered the HumanGood team with the deep understanding they needed to feel more confident in addressing the company’s cybersecurity posture challenges. NetSPI’s approach of combining people, process, and technology gave HumanGood the peace of mind that they invested in quality testing. NetSPI’s ability to simulate realistic threat actor behavior gave the HumanGood IT team the confidence they need to stay ahead of potential threats.
“I’m not really interested in [vendors] that do automated pentesting. I need somebody to be in there behaving like they were a hacker. And that’s why I used [NetSPI] twice in a row, and I may use [NetSPI] three times in a row, because every year, despite us diligently nailing down what you find, you’re able to dig back in.”
– Dawn Armstrong, Vice President of IT Operations
Explore more success stories
Trimble enhances and secures product development with NetSPI PTaaS
BISO, Trimble
“When we have a trusted partner and platform like NetSPI to focus on finding our gaps it really takes us to that next level of cybersecurity maturity.”
Nuspire partners with NetSPI to safeguard customer trust
Chief Executive Officer, Nuspire
“What makes NetSPI an effective proactive security partner is their focus on innovation. We at Nuspire are very forward thinking. And when you sit down with the strategists at NetSPI, the way that they’re thinking about evolving their platform, the way that they’re thinking about the future, they’re going to innovate products and services that are cutting edge. So, it gives us a sense of comfort that we’re partnering with someone that’s going to be there for the long haul.”
Chubb partners with NetSPI to bring Attack Surface Management (ASM) to its policyholders
Cyber Intelligence Officer at Chubb
“We consider [NetSPI] to be almost an extension of our own team – they understand our attack surface, and it feels like they are genuinely concerned about making sure they find the holes, vulnerabilities, and gaps to protect us.”