16 Oct Syncurity and Premise Health: A Winning Combination
By John Jolly
It’s an exciting week for the team at Syncurity! Our customer, Premise Health, was selected as a winner by CSO, one of the premier security media brands providing insight into business risk leadership. This awards program recognizes organizations for security projects and initiatives that demonstrate outstanding business value.
We’re proud to be part of the Premise Health story. Syncurity began working with the Premise Health team as the company formed in 2014 following the merger between Take Care Employer Solutions (a Walgreens subsidiary) and CHS Health Services. The organizations faced a significant M&A challenge: combining their respective Security Operations Center (SOC) functions into a single, unified SOC with expanded incident response and security management capabilities supporting the newly-formed company’s role in the demanding healthcare sector.
On the recommendation of its Chief Information Security Officer, Joey Johnson, Premise Health embarked to build its new SOC in-house in order to provide a robust and scalable program protecting its organizational “crown jewels.” Because of the nature of Premise’s business, protection of its assets requires deeper contextual awareness of the organization’s people, systems, processes and missions. At the same time, Premise Health recognized that limited personnel resources and increased workloads meant they needed to accelerate SOC throughput in order to realize the ROI of in-sourcing security. They also had to plan for future M&A without staff and cost increases.
Security Operations Automation and Orchestration Strategy
That’s where Syncurity joins the story. Johnson devised a security operations automation and orchestration strategy to more effectively triage alerts and, when warranted, escalate and manage incidents. His model had to address the challenges of rapidly onboarding new analysts to the SOC, while simultaneously protecting against analyst turnover in a highly competitive market.
Alert Triage with Syncurity’s IR-Flow Platform
Our platform enables Premise Health’s team to more quickly and effectively triage SIEM alerts and manage incidents, while improving overall security, and provides the framework to support cost-effective business growth. By combining both machine-automated and human-initiated processes to retrieve and manage security data and creating a central “playbook” of IT and communications actions based on alert and incident types, Premise can rapidly onboard and introduce new analysts, while simultaneously safeguarding the sensitive information for its more than 200 customers, many among the Fortune 1000.
Premise Health Grows and Uses IR-Flow to Handle Alert Increases
With IR-Flow, Johnson and his analyst team have smoothly handled Premise’s combined business, plus three recent acquisitions. Additionally, they have significantly increased the number of alerts handled daily by each analyst and reduced “mean-time-to-closure” and number of security incidents while increasing the quantity of alerts evaluated.
Please join me in congratulating Joey and the Premise Health team on this well-deserved recognition!