A healthcare insurance company closes security gaps and builds an in-house Security Operations Center using a cybersecurity solution. 


In the healthcare industry, data breaches can erode patient trust and damage a company’s reputation. This was the challenge facing our client when they acquired a specialty pharmacy. Before the acquisition closed, cyber criminals exploited vulnerabilities and accessed systems containing personally identifiable information (PII). Our client engaged us to strengthen their cybersecurity program after the breach. Our key objectives were to:​

  • Assess their environment post-breach​

  • Build their initial cybersecurity team​

  • Consolidate security tools into the parent company​

  • Remediate vulnerabilities​

  • Develop and implement new security controls​

  • Provide ongoing managed security services​

“With their help we went from a tiny security team to what it is today, and the quality of the Apex people have been top notch. Their Solution Leaders have great technical perspective and can marry strategy with delivery.”
– Security Director, Client​


Apex developed the acquired entity’s first and fully managed security function. We assembled and onboarded a team of consultants and deployed them to the necessary functions within the business. Once onboarded, Apex developed a future state strategy for integration into the purchasing company’s security environment and consultants began working on tasks to achieve Risk Parity. These consultants:​

  • Developed and implemented cloud security best practices within AWS and Azure. ​

  • Managed operations of the threat and vulnerability management (TVM) program and toolset (i.e., Rapid7). ​

  • Onboarded critical systems and services to the purchasing company’s secured environment and created data flow mappings identifying PII and Protected Health Information. ​

  • Provided ongoing Level 1 & 2 security support for identity and access, logging and monitoring, incident response, and TVM processes. ​

  • Developed process documentation to assist in knowledge transfers and future scaling. ​

  • Developed a change management and peer review for cloud security and IT Operation changes, resulting in a 97% successful implementation rate without needing to revert to backout or a recovery process.​


The engagement allowed our client to reduce their security risk profile and adhere to the purchasing company’s security requirements to fully integrate into their environment before the required deadline.  It was achieved by remediating current High and Critical vulnerabilities, integrating and standardizing security and IT operations tools, and implementing new security program best practices. In total, we remediated over 1,400 critical and high-security vulnerabilities in the Azure and AWS environments two months ahead of schedule to enable integration before the deadline. They also transitioned the security operations center (SOC) from a previous managed SOC provider to in-house, which reduced incident response times by 50% on average for all CrowdStrike and Rapid 7 High & Medium security alerts.​