Kalman Tiboldi - CTO & Founder at GemOne-TVH - Simplify or Die: Why Complexity Is the Real IT Challenge
Belgium Sep 13, 2025 All Members Physical english
Join us for a wonderful ride. The ride is accessible to all levels of riders and doesn't require extensive technical skills. More information will follow soon. Looking forward to ride together!
Read More.png)
Germany Sep 17, 2025 Country Members Physical german
Cybersecurity ist längst kein reines IT-Thema mehr – sie betrifft das gesamte Unternehmen. Doch während die Bedrohungslage zunimmt, geraten viele Security-Verantwortliche an ihre Belastungsgrenzen: zwischen 24/7-Verantwortung, wachsenden Anforderungen und dem ständigen Innovationsdruck.
Read More
Germany Sep 17, 2025 Country Members Physical german
IT-Betrieb und Cybersicherheit stehen heute unter extremem Druck: steigende Komplexität, wachsende regulatorische Anforderungen (NIS2, DORA, KRITIS), chronische Ressourcenknappheit – und gleichzeitig eine Bedrohungslage, die keine Verzögerungen duldet. Trotzdem agieren viele IT- und Security-Teams noch immer in Silos. Die Folge: ineffiziente Abläufe, Tool-Wildwuchs, langsame Reaktion auf Vorfälle und unklare Verantwortlichkeiten.
Read More
Germany Sep 18, 2025 Country Members Virtual german
Nachhaltigkeit ist für CIOs nicht nur ein „Nice-to-have“, sondern eine strategische Priorität – sie beeinflusst direkt die finanzielle Performance, die operative Effizienz und die langfristige Wettbewerbsfähigkeit.
Read More.png)
Belgium Sep 18, 2025 Country Members Physical french
La dette technique est comparable à la négligence des réparations d'une maison. Ignorer un toit qui fuit peut faire gagner du temps aujourd'hui, mais cela pourrait conduire à l'effondrement du plafond plus tard. Pour remédier à la dette technique, il faut trouver et réparer ces fuites dès maintenant et mettre en place un plan d'entretien de la maison afin qu'elle soit prête pour les extensions futures. Pour résoudre ces problèmes, il faut définir des priorités stratégiques, communiquer clairement avec les parties prenantes et établir une feuille de route à long terme pour la modernisation. Cet événement se déroulera entièrement en français.
Read More-1.png)
UK Sep 22, 2025 Invitation Only Physical english
Join us on September 22nd for the first event from the next phase of our CIO series executive roundtables from CIONET, Cognizant and Google Cloud.
Read More
MedImpact protects healthcare data with multilayered security approach
Protects healthcare data with multilayered security approach
OVERVIEW
MedImpact Healthcare Systems is the largest privately held pharmacy benefit manager (PBM) serving health plans, self-funded employers, and government entities globally. Founded in 1989, MedImpact delivers pharmaceutical and technology-related solutions that improve the value of healthcare and sets standards that optimize satisfaction, cost, service, and quality in the healthcare industry. Headquartered in San Diego, California with offices in the United States (Arizona, Michigan), UAE, and China, MedImpact processes more than 1 million healthcare claims daily.
MedImpact operates two primary data centers, with databases and configurations replicated in real time. In addition, the company has three call centers, which are staffed 24/7, as well as private network routing centers for transmitting healthcare information in compliance with HIPAA and other regulations.
EDR accelerates the threat analytics process so we can get to the solution faster. That’s critical because we see sophisticated attacks every day.
Frank Bunton
Vice President and CISO, MedImpact
CHALLENGES
MedImpact’s primary mission is protecting patient information. The company’s data centers are regularly audited to ensure compliance with HIPAA, payment card industry (PCI) standards, and other regulations, but it is always looking for additional protection for its multilayered defenses to guard against advanced attacks.
MedImpact’s approach to security is to deploy a defense-in-depth strategy, using multiple layers of security controls throughout the system. A key challenge was finding security solutions that could communicate with each other and share valuable data in real time.
“Independent security vendor solutions should be able to communicate and work together to detect potential security-related issues,” said Frank Bunton, MedImpact vice president and chief information security officer (CISO). “Without this critical communications capability, security solutions are limited to their internal ability to detect and destroy malware.”
WHY TREND
An existing customer of TippingPoint Intrusion Prevention System (IPS), MedImpact was pleased when Trend Micro acquired TippingPoint in 2015. At the same time, MedImpact was looking to add a layer of advanced threat protection to its defense-in-depth strategy. The company began a proof of concept (POC) for products from three different vendors, including Deep Discovery. “Deep Discovery was a no-brainer. It outperformed the competitors and was well respected by Gartner,” said Bunton.
In addition to security on the network, MedImpact added endpoint protection with Trend Micro Apex One as a Service to take advantage of the cloud offering on the endpoint.
A lot of good things happen with a multilayered security infrastructure—from greater efficiency and scalability to peace of mind that our system and data are protected.
Frank Bunton
Vice President and CISO, MedImpact
SOLUTION
MedImpact deployed Deep Discovery Inspector and Deep Discovery Analyzer in 2015. Deep Discovery Inspector monitors traffic across all ports and more than 80 protocols and applications to identify malware, command-and-control (C&C) exploits, and activities signaling an attempted attack. The solution also automatically shares detection intelligence with Deep Discovery Analyzer, TippingPoint, and other security products to block further attacks.
When MedImpact began migrating to the cloud in 2019, the company upgraded to Apex One as a Service and Endpoint Sensor to gain EDR capabilities. “EDR accelerates the threat analytics process so we can get to the solution faster. That’s critical because we see attacks every day on just about every network,” says Bunton.
The Trend Micro Apex Central management console provides a single monitoring point and reporting mechanism for all security products across the network. It integrates with Trend Micro Deep Discovery Analyzer and TippingPoint appliances to provide suspicious file analysis, malicious remediation, and potential escalation to the Trend Micro analysis team across endpoints and networks.
“With Apex One as a service, we were able to migrate our endpoint protection capabilities to the cloud, benefiting from advanced and automated threat detection and an easy-tomanage SaaS console. The SaaS solution also ensures we are always on the latest version and no longer need to maintain an on-premises infrastructure.”
RESULTS
All of MedImpact’s Trend Micro endpoint security products are integrated into the company’s third-party security information and event management (SIEM) services, with the Apex Central management hub. Apex Central expands the capabilities of the individual security components by allowing them to work together to solve security issues and provides a remediation timeline for compliance auditors when needed. “Integration means the types of solutions you can apply to security problems expands exponentially. The other option is chasing malware up and down the network, and I’ll never win that race,” says Bunton.
Apex One as a service, TippingPoint, and Deep Discovery work together to provide MedImpact with the layered defense it needs to support its defense-in-depth security strategy, along with the ability to rapidly deploy new appliances. In addition, the automatic configuration of appliances to support privacy and compliance requirements saves even more time and further bolsters security. “A lot of good things happen with a multilayered security infrastructure—from greater efficiency and scalability to peace of mind that our system and data are protected,” says Bunton.
WHAT'S NEXT
MedImpact is currently migrating to Microsoft Office 365 Exchange. As it does, the company is currently deploying Trend Micro Cloud Email Gateway Services to scan email in real time without impacting email flow.
The company is also currently deploying Trend Micro Deep Security. “The fact that Deep Security interacts with our servers on a virtual basis ensures that our applications won’t be interrupted, which is critical because our systems have to be operational 24/7/365.”
Kalman Tiboldi - CTO & Founder at GemOne-TVH - Simplify or Die: Why Complexity Is the Real IT Challenge
.png)
Isabelle Droll - CIO for Airline, Corporate, Hotels & Resorts and Sustainability at TUI - Data, Diversity, and Destinations
.png)
Sharon Prior - CIO in transition - How Great Tech Leadership Begins with Business Thinking
-1.jpg)
José Antonio López, Group CIO at TOUS - Jewels, Data & AI: Inside the Digital Transformation of TOUS
.png)
Tom Tanghe - General Manager ITC EMEA at Daikin Europe - Reinventing the CIO Role
.jpg)
CIOFEST 2025 - From Order Taker to Proactive Disruptor
Geopolitical tensions have dominated the headlines for over two years now. In this context, the cyber threat landscape is also evolving rapidly. The protection and security of critical infrastructure – both physical and digital – is becoming increasingly important.
.png?width=600&height=600&name=Anna%20Kopp%20(1).png)
