Skip to Content

ReliaQuest Helps Moffitt Treat Reactive Security Woes

Moffitt Cancer Center Achieves Best-In-Class Security Operations Through Partnership with ReliaQuest.

The Challenges


Established in 1982, Moffitt Cancer Center is a nonprofit cancer treatment and research center located in Tampa, Florida. As one of the leading cancer centers in the United States, Moffitt has the Southeast’s largest blood and marrow transplant and treatment program, with 10,000+ employees supporting more than 350,000 patient visits a year.

Moffitt’s IT security team includes a Threat Analytics Center (TAC) with six analysts focused primarily on threat hunting, analysis, and response; and a Cyber Operations team, which handles day-to-day operations, risk assessments and management, and more. The team, formerly led by Chief Information Security Officer (CISO) Dave Summitt, is dedicated to protecting Moffitt from cyber threats that could interfere with its critical mission “to contribute to the prevention and cure of cancer.”

decor decor
Difficulty Ensuring Coverage Beyond Work Hours
The Risk of Threats, both Internal and External
Increasing Frequency of Phishing Scams

The Solution

Not only did ReliaQuest help the Moffitt team to optimize their tools, detection, and alerting capabilities, but because ReliaQuest partners with other industry leaders in healthcare, Moffitt can benchmark its program against peers. This insight, delivered via the Security Model Index, helps to show where they’re improving, where they are best-in-class, and where they need to focus additional effort.

These reports armed Summit to have conversations with his team and show his executive staff and Board how they were decreasing risk for the organization. These benchmarks and insights also helped Summit to project the impact of additional security investment—and secure needed funding.

Reports that Enabled better Team Conversations on Security Posture

Board Ready Metrics on how they were Decreasing Risk for the Organization

Optimized their Tools, Detection, and Alerting Capabilities

The Outcomes

One powerful proof point that underscores the efficacy of Moffitt’s security team is their attainment of a 3.5 maturity level for IT governance and information management, based on ISACA’s 5-level COBIT framework. That score is even more impressive when you consider that Summitt essentially built Moffitt’s security team from the ground up when he joined the organization about six years ago.

  • Board-ready security metrics and industry benchmarking
  • < 7 days implementation time
  • 3.5 COBIT score
Our 3.5 COBIT score places us in the top 51% of all healthcare organizations,” said Summitt. “And I think Level 4 is completely attainable for us now that we have added ReliaQuest’s GreyMatter to our suite of tools, which will help our team to be even more accurate, fast, and efficient in our work. I can’t stress enough how impactful ReliaQuest is. Frankly, we’d have to take a step backward without the expertise and automation we get from GreyMatter coupled with ReliaQuest’s 24/7/365 security operations team.
Image Description

Unified Visibility Across Security Technologies, Improving Risk Awareness and Enabling More Efficient Workflows
Enriched Data Sets, Providing Additional Context and Insights for More Accurate Threat Detection and Faster Response
20% Time Gains Each Month, Allowing Moffitt to Focus on Proactive Initiatives

Security Operations Made Possible with ReliaQuest GreyMatter

Increase visibility, reduce complexity, and manage risk across your existing tools with comprehensive protection unified under a single security operations platform.

GreyMatter's security operations platform dashboard