![\"\"](\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/Business-Impact-Assets-and-Issues-Asklepios-.webp\")
<\/figure>\n\n\n\nFigure 1: Business Impact for tested assets and top 10 detected attack vectors<\/p>\n\n\n\n
Building Stronger External Defenses and Gaining a Hacker\u2019s Perspective<\/h2>\n\n\n\n
Maier-Johnson points out that one of the biggest benefits Asklepios has gained from CyCognito is the visibility that the platform provides into its external attack surface. \u201cWe use it to see how we can build our wall higher and higher so nobody climbs the wall, and there are no holes or cracks that somebody can sneak through.\u201d<\/p>\n\n\n\n
CyCognito has been a game-changer for Asklepios, providing invaluable insight into potential hackers’ perspectives. The platform has significantly enhanced Asklepios’s ability to understand and address vulnerabilities from an external standpoint.<\/p>\n\n\n\n
“CyCognito is one of the first most important tools to understand what a hacker can see; it saves a lot of time and helps us to capture all the assets and all the vulnerabilities.”<\/p>\n\n\n\n Figure 2: Impact Analysis Summary<\/p>\n\n\n\n With such a large organization, and one that\u2019s constantly changing, Maier-Johnson understands his team may never fix everything. \u201cBut we need to start with the most critical and the most important,\u201d he says.<\/p>\n\n\n\n By facilitating a risk-based approach to IT security, CyCognito has improved Asklepios\u2019 cybersecurity posture by providing transparency and efficiency in identifying and prioritizing vulnerabilities to remediate first.<\/p>\n\n\n\n \u201cWe can say, not only have we found something, but we can say this is how you can fix it,\u201d notes Maier-Johnson. The cybersecurity team then uses CyCognito to see if a particular asset vulnerability has been fixed or not, at which time they can follow up.<\/p>\n\n\n\n While Diehm\u2019s team monitors and detects potential security vulnerabilities, the organization\u2019s other IT departments are responsible for fixing what his team finds, his team also provides information \u2013 provided by CyCognito \u2013 on how to remediate.<\/p>\n\n\n\n \u201cI get an update weekly and quickly get an overview of new assets that have been added or possible vulnerabilities, and then our remediation process is triggered. Before, it took hours to check on our assets and many penetration tests to identify a vulnerability.\u201d<\/p>\n\n\n\n Maier-Johnson notes that CyCognito’s reporting capabilities have proven invaluable in communicating security status and improvements to Asklepios’ Board of Directors. The easy-to-use platform creates reports that he takes to the Board.<\/p>\n\n\n\n \u201cWe can show the board \u2018here\u2019s what we\u2019ve seen in the last quarter and the changes from the quarter before and so on. We can also show them trends about how we are fixing our external surface.\u201d<\/p>\n\n\n\n Diehm adds, \u201cThe entry-level screens are very easy to use, so executives can get a higher-level picture, and then the technical team can take a deep dive to get into the technical information you need. Our infrastructure has grown over the years. CyCognito is helping us get a clue to what\u2019s going on outside our internal environment.\u201d<\/p>\n\n\n\n Asklepios faces the upcoming revised European Union (EU) NIS 2 cybersecurity directive, which outlines increased measures for resilience against cyberattacks, minimizing vulnerabilities, and improving cyber defense. NIS 2 will be in effect October 2024. CyCognito\u2019s continuous monitoring and prioritization of cyber risks will help the organization keep compliant with BSI ACT and NIS 2 regulations.<\/p>\n\n\n\n \u201cWhatever you do, you need some kind of transparency, some kind of information, how your outside facing landscape looks like for hackers. I would recommend CyCognito because it\u2019s easy to use.\u201d<\/p>\n\n\n\n As the healthcare landscape evolves, so will Asklepios’ security strategy. CyCognito will continue to play a vital role in protecting patient data, ensuring regulatory compliance, and enabling Asklepios to navigate the ever-changing threat landscape confidently.<\/p>\n\n\n\n![\"\"](\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/Impact-Analysis-Asklepios.webp\")
<\/figure>\n\n\n\nStreamlining Vulnerability Management and Remediation<\/h2>\n\n\n\n
Stakeholder Reporting on Asklepios Security Posture Improvements <\/h2>\n\n\n\n
Looking Ahead<\/h2>\n\n\n\n