Turning Around Security Detection Operations

The healthcare provider hadn’t seen the outcomes promised by their Security Analytics vendor and MSSP, despite the multi-million-dollar investments.

Improving Security Detection Outcomes At A Nationwide Hospital System

Overview

A major healthcare system with more than 85 hospitals and hundreds of ambulatory facilities across the country had invested millions of dollars in a leading Security Analytics solution for their security operations. Additionally, they had engaged a top-tier Managed Security Solutions Provider (MSSP) to operate their Security Operations Center. 

Despite these significant investments, the client had realized few of the promised results after nearly two years.

The client selected Tueoris to review the then-current state of the solution implementation and recommend changes to their security analytics solution and operations strategies.

What We Did

Our work with the client over a three-month period included the following specific tasks:

  • Review detection use-cases implemented in the security analytics solution.
  • Analyze data quality of identities, assets, log data and enrichment (contextual) data.
  • Conduct review meetings with the Security Analytics vendor and MSSP to assess and discuss their viewpoints on the performance of the solution and operations, respectively.
  • Discuss findings/gaps and related solution/strategy recommendations with the client sponsor.
  • Shortlist vendors for solution enhancement and MSSP roles.
  • Develop proof-of-concept use-cases for evaluation of new vendors.
  • Conduct the POC and help select a vendor who would support the client in solution enhancement and MSSP operations.
  • Develop a detailed implementation plan based on the strategy (developed above) for solution enhancements and MSSP operations.

Why Tueoris

Our focus on meaningful outcomes and the insights/experience we have gathered over a number of years with multiple organizations help us formulate sound and sustainable strategies for security detection programs.

Additionally, we maintain true and complete independence from product vendors and MSSPs, which allows us to devise and recommend options that have the best likelihood of making our clients successful in their initiatives.