Healthtech leader secures the data in AI and cloud with Cloud Defense

Solution

• Live inventory of data, LLMs and cloud assets
• Data-centric prioritization of security findings
• Active detection of data flows and attacks in progress

Why they chose Cloud Defense

• Single platform for data security in AI and cloud
• Superior prioritization of security findings
• Track data risk posture over time for the organization

Taking cloud data security to the next level

The Healthtech company builds next-generation medical devices and has over 200 employees in the US. Their customer-base and healthcare providers have grown rapidly over the years and so has the number of cloud-native applications running on AWS Cloud.

This exponential growth led to large volumes of managed customer healthcare data across various types of cloud data stores. With the added complexity of data accesses from containers on Kubernetes, LLMs and Lambda functions, it became virtually impossible for the company to assess data risks using their current cloud and data security tools.

Healthtech company CISO is an industry veteran and had several security gigs under his belt. He knew the cost of data breach in healthcare was higher than any other industry, rising to in excess of US$10million in 2022, a 40% jump from the prior year. He needed to identify all types of healthcare related data in the company’s cloud accounts, organize and then secure them.

Having dealt with several security products in the past, he quickly screened the available options on the market and realized they still had the same nagging issue as their current tools: The Noise i.e. the volume of security findings and alerts generated by the products. That prevented his security teams from identifying the most critical findings to address first, collecting the right contextual information and in turn, improving the overall data security posture of the cloud. He also knew that growing the staff to keep up with the endless findings was not an option in the current market environment.

The Solution

So when he saw a demo of Cloud Defense’s data-centric security solution, there was a natural fit. With a pro-active approach to securing the data in AI and cloud, his overwhelmed security team now had more cycles to spare for other important tasks. In addition, the comprehensive visibility on the residency and access of regulated data helped them prepare better for compliance audits. Cloud Defense was ideally suited for his requirements and he has never looked back ever since the solution was deployed.

Cloud Defense continuously scans the cloud environment for all types of data, including sanctioned, shadow, managed and unmanaged data. Once the sensitive data with PII, PCI, PHI or custom-tags is discovered, Cloud Defense tracks the datastores and the flow of sensitive data to cloud assets, authorized users, and beyond.

The product totally operates within the organization’s cloud environment with no “side scanning” or agents needed, so the CISO was assured that no data, including regulated healthcare data, ever left his cloud environment.

The Results

Within minutes of onboarding the cloud account, the CISO and his team were able to visualize all their data in AI and cloud and any live access of such data on the world map. As this data inventory was infused with PII and PHI data tags from the deep scanner as well as the company’s own data catalog, it gave CISO the peace of mind his regulated and sensitive data was being monitored around the clock. It also increased his readiness for data compliance audits such as GDPR and CCPA.

The deep scan also revealed the presence of Mysql and MongoDB on EC2 – essentially shadow data that was installed and then abandoned by developers. The security team was able to use that information to track down the data owner and have them delete the shadow data.

The continuous visibility of sensitive data, LLMs, data flows, user access, and data risks sets Cloud Defense apart from any other solution on the market.

The platform detects and prioritizes security findings as well as in-progress attacks that can lead to a breach of sensitive data.

The prioritized list of data-centric security findings were a significant reduction from the daunting list of high-severity findings the DevSecOps team was typically asked to remediate. In addition, the deep and visual context on why the finding needs to be remediated helped inspire DevSecOps to action.

With Cloud Defense, the security team was able to continuously visualize all data and their risk exposure in the cloud. The complete visibility coupled with the ability to enforce policies on AI and data helped DevSecOps prioritize security findings and reduce data risk exposure of the LLMs.

The periodic reporting from Cloud Defense is helping the CISO capture key achievements of the team (e.g. including derisked LLMs) as well as the organization-level data risk trend, for sharing with other C-level Executives and the company’s Board.

Additionally, the CISO felt emboldened with Cloud Defense knowing the sensitive data used in pilot projects to fine tune the private LLM's and Retrieval Augmented Generation (RAG) to improve the quality of LLMs was completely visible and secure.

With Cloud Defense, the healthcare CISO could consolidate their current cloud security tools and planned data security tools for Gen AI, and was assured their sensitive cloud data is continuously monitored and de-risked at all times.