
Overview

An MDR solution to safeguard critical patient data

A leading private hospital, with illustrious patronage, must ensure sensitive patient data is always suitably protected. Confidence has been achieved by subscribing to ThreatDetect™, Redscan’s award-winning Managed Detection and Response service, for proactive network and endpoint monitoring. The hospital now has peace of mind it is doing all it can to protect patient data and maintain operational resilience.

Industry
Medical
HQ
London, UK
Year Founded
1982

The Challenge

Summary

  • Large medical team
  • Highly sensitive information
  • GDPR, CQC, NIS compliance

Few organisations need to process such large volumes of sensitive and private data as those in the healthcare sector. It is therefore no exaggeration to describe the hospital’s need for operational resilience as critical.

Like all hospitals, this company must manage and maintain a large range of specialist systems, including life-saving medical equipment. Ensuring that these systems are always operational, and that personal patient data can be accessed and shared across a network instantaneously in order to facilitate medical care, is paramount. Simultaneously, a strict duty exists to ensure that such sensitive and personal information does not end up in the wrong hands.

The organisation must also ensure that it is compliant with the requirements of the GDPR, NIS Directive and Care Quality Commission (CQC), which mandate that personal data is suitably protected and breaches are promptly detected, responded to and, when necessary, reported.

The hospital had firewalls and antivirus software, but wanted to improve visibility of events inside its network in order to detect advanced threats capable of evading these controls. At the hospital, security is viewed as a sub-function of the IT department, but the team of six just didn’t have the resources to manage the technologies required to perform 24/7 security monitoring alongside other day-to-day responsibilities.

Our patients trust us to protect their personal information and by working with Redscan, we extend that trust to them.
Head of IT
Private Hospital

The Solution

Summary

  • 24/7 network and endpoint monitoring
  • Continual protection of systems and data
  • Wide visibility of events

Knowing that the hospital needed a managed service to provide the capabilities required for proactive network monitoring, the Head of IT for the hospital spent considerable time researching suitable providers to find a solution that met his requirements. Redscan and its Managed Detection and Response service, ThreatDetect, stood out from the crowd, offering a high level of specialist security expertise and technology, plus support to manage cyber incidents.

Combining 24/7/365 security professionals, best-in-class network and endpoint detection tools and up-to-the-minute industry intelligence, ThreatDetect helps the organisation identify, contain and respond to cyber-threats, ensuring the continual protection of the organisation’s systems and data.

The ThreatDetect deployment comprises AlienVault® USM Anywhere™ and Carbon Black Response. Combining these two solutions enables Redscan to achieve wide visibility of events across the hospital’s network and endpoints in order to detect and respond swiftly to malicious activity whenever it occurs. The network and endpoints are strengthened with detection and monitoring geared towards identifying a wide range of threats, from malware and ransomware to suspicious account activity.

The Results

Quick and hassle-free technology deployment
When deploying ThreatDetect, Redscan’s engineering team worked hand in hand with the hospital's IT team to design and deploy a solution that is needs-driven and provides maximum threat visibility. The technology underpinning the solution was installed and then configured to meet the team’s exacting requirements.
24/7 network and endpoint monitoring
Redscan’s CSOC professionals monitor the company's infrastructure around the clock and investigate, analyse and triage security alerts generated by the underlying technologies. In the first six months following the deployment of the service, the hospital's systems generated over 6200 security alerts. The team at Redscan triaged every one of these alerts to remove false positives and ensure that only genuine incidents were reported for remediation.
Swift incident response
Redscan’s CSOC is always on hand to not only report threats but help the hospital respond to them. On one particular occasion, the hospital was on the receiving end of an advanced persistent malware attack that targeted multiple endpoints and sought to harvest user credentials and exfiltrate data. Using Carbon Black Response, Redscan’s team was able to quickly identify infected endpoints, isolate them from the network and analyse the chain of events associated with the attack to help prevent similar-style attacks. Had ThreatDetect not been engaged at this time, it’s likely that the attack would have caused significant damage to the hospital’s systems.
Clear remediation support
Following the detection of incidents, Redscan’s CSOC analysts provide all the advice and support that the hospital needs to quickly address issues and minimise any potential disruption. CyberOps, Redscan’s proprietary threat management platform, enables the CSOC to communicate securely with the company’s in-house team.
Sideways integration with the in-house IT team
The Head of IT describes Redscan’s CSOC professionals as an extension of his in-house team. He’s on first name terms with Redscan’s analysts and relies on their assistance to not just detect threats but also respond quickly and effectively to them.
Total reporting coverage
Redscan provides weekly and monthly reports that help the management team to stay abreast of the hospital’s security posture. The reports help demonstrate compliance with the GDPR, CQC and NIS Directive to give confidence that appropriate controls are in place.
Cost effective
The hospital is very happy with the value of the service, which offers a huge saving compared to the cost of maintaining an in-house team to provide an equivalent threat monitoring and detection capability. ThreatDetect ensures that the hospital doesn’t need to make a large capital investment in resources, recruit and train staff, or regularly invest in new security technologies.