How VSP Vision™ Gains Nearly 50% More Productivity And Protects The Data Of 85 Million Members

The eyes are windows to wellness, and as the number one vision service provider in the United States, VSP Vision™ helps people see and feel their best. The company provides vision benefits to more than 85 million members and supports a vast network of providers, which makes them a prime target for bad actors.

“Many different companies have fallen victim to multiple attacks,” said Darrell Johnson, Senior Cybersecurity Manager at VSP Vision. “My goal is to make sure that VSP^® doesn’t hit that list.”

VSP serves doctors, members and clients across the U.S. and Canada, providing an array of vision-related services, such as eye care insurance, high-quality eyewear, lenses and lens enhancements, ophthalmic technology, and connected experiences. Facilitating access to these services requires handling a lot of sensitive information.

“We take protecting stakeholder data very seriously,” said Johnson. “The most important asset to our organization is our client base. We want to protect the data associated with our clients, members and doctors the same way we would protect our own data.”

Looking For A New Security Model

To protect data and stay ahead of emerging threats, VSP wanted to build a security operations center (SOC).

“At that time, we didn’t have a true 24/7 support model, which is important for us to be able to thrive and survive in this ever-changing landscape of cyberthreats,” Johnson said.

The company’s previous managed security service provider (MSSP) was primarily compliance-driven, but that wasn’t enough. They needed a partner that could help manage a more comprehensive and responsive security infrastructure with the capability to monitor, detect and respond to security threats around the clock—without losing control of the environment.

“We knew that we didn’t want to fit the standard model of MSSP services,” Johnson said. “We have some very capable engineers on our team who really take security to heart. I wanted to give them the same visibility and capability to evolve the environment themselves.”

VSP had already partnered with Lumen for network services, and they were intrigued when they learned Lumen also provides security and management support. Lumen Virtual SOC (Security Operations Center) struck the perfect balance for Johnson’s team, including services like 24/7 security incident and event management (SIEM) monitoring, incident handling, and expert remediation recommendations.

Strategic Collaboration Helps VSP Divide And Conquer

As part of the SOC collaboration, Lumen handles Tier 1 monitoring responsibilities as well as some Tier 2 tasks, such as evaluating and closing security events. VSP and Lumen worked together to develop shared operational run books that enable Lumen to handle the initial evaluation and resolution of security events and free VSP to concentrate on more complex Tier 2 escalations.

Additionally, Lumen provides VSP licensed access to the RiskSense vulnerability management portal, which helps Johnson’s team identify, track and prioritize vulnerabilities within the VSP environment.

By entrusting routine security investigations to Lumen, Johnson’s team can focus on more detailed investigations and incident responses.

Phishing is of particular concern, and the Lumen VSOC team makes it much easier to catch phishing and other targeted attacks. “If you’re dealing with a phishing attack, you’re processing up to 500 emails per day,” said Johnson. “We didn’t have the human resources to support that. The VSOC team at Lumen helps us process those emails. From there, we’ve been able to move on to larger threats.”

Regular weekly meetings help VSP and Lumen stay connected and in sync about priorities. “We have a really good relationship, and they’ve been able to evolve with us,” said Johnson.

“Threats change every day,” Johnson explained. “We always have to change our threat defense model in terms of how we’re supporting the environment. And each time we make that change, it’s just a quick call to Lumen to talk about what we need them to do and how we need them to adjust their model.”

A System That’s Nearly 50% More Effective

Lumen handles more than 350 potential attacks daily. In addition to saving the team at least 80 hours a week, Johnson said Lumen provides peace of mind.

“They’re a critical part of what we do, allowing us to be roughly 40–50% more effective,” Johnson explained. “Knowing I have someone with eyes on glass 24/7 helps me do the rest of my job more effectively.”

With the robust security solution from Lumen, VSP can identify and respond to attempts quickly, further strengthening their security posture and delivering on their promise to keep sensitive customer data safe.

To see more examples of companies gaining more reliable connectivity, you can read through some of our customer success stories.

LEARN MORE

Current Lumen customer compensated for their endorsement.

^{This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. All third-party company and product or service names referenced in this article are for identification purposes only and do not imply endorsement or affiliation with Lumen. This document represents Lumen products and offerings as of the date of issue. Services not available everywhere. Lumen may change or cancel products and services or substitute similar products and services at its sole discretion without notice. ©2024 Lumen Technologies. All Rights Reserved.}