Cookie Notice

We use cookies for security, to optimise your browsing experience and anonymously analyse site traffic. Accepting necessary cookies is required to provide you with a minimum level of service. Read Cookie Statement

Get In Touch
Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Book a CREST penetration test today. Get a quote.

Overview

An MDR solution to safeguard critical patient data

King Edward VII’s Hospital, a leading private hospital with Royal patronage, must ensure sensitive patient data is always suitably protected. Confidence has been achieved by subscribing to ThreatDetect™, Redscan’s award-winning Managed Detection and Response service, for proactive network and endpoint monitoring. The hospital now has peace of mind it is doing all it can to protect patient data and maintain operational resilience.

Redscan case study
Industry
Medical
HQ
London, UK
Year Founded
1982

The Challenge

Summary

  • Large medical team
  • Highly sensitive information
  • GDPR, CQC, NIS compliance

Few organisations need to process such large volumes of sensitive and private data as those in the healthcare sector. It is therefore no exaggeration to describe King Edward VII’s (KEVII) need for operational resilience as critical.

Like all hospitals, KEVII must manage and maintain a large range of specialist systems, including life-saving medical equipment. Ensuring that these systems always operational, and that personal patient data can be accessed and shared across a network instantaneously in order to facilitate medical care is paramount. Simultaneously, a strict duty exists to ensure that such sensitive and personal information does not end up in the wrong hands.

KEVII must also ensure that it is compliant with the requirements of the GDPR, NIS Directive and Care Quality Commission (CQC), which mandate that personal data is suitably protected and breaches are promptly detected, responded to and, when necessary, reported.

The hospital had firewalls and antivirus software, however wanted to improve visibility of events inside its network in order to detect advanced threats capable of evading these controls. At KEVII, security is viewed as a sub-function of the IT department, but the team of six just didn’t have the resources to manage the technologies required to perform 24/7 security monitoring alongside other day-to-day responsibilities.

Our patients trust us to protect their personal information and by working with Redscan, we extend that trust to them.
Richard Andrews
Head of IT

The Solution

Summary

  • 24/7 network and endpoint monitoring
  • Continual protection of systems and data
  • Wide visibility of events

Knowing that KEVII needed a managed service to provide the capabilities required for proactive network monitoring, Richard Andrews, Head of IT for the hospital, spent considerable time researching suitable providers to find a solution that met his requirements. Redscan and its Managed Detection and Response service, ThreatDetect, stood out from the crowd, offering a high level of specialist security expertise and technology, plus support to manage cyber incidents.

Combining 24/7/365 security professionals, best in class network and endpoint detection tools and up-to-the minute industry intelligence, ThreatDetect helps KEVII identify, contain and respond to cyber-threats, ensuring the continual protection of the organisation’s systems and data.

The ThreatDetect deployment, in the case of KEVII, comprises of AlienVault® USM Anywhere™ and Carbon Black Response. Combining these two solutions enables Redscan to achieve wide visibility of events across KEVII’s network and endpoints in order to detect and respond swiftly to malicious activity whenever it occurs. The network and endpoints are strengthened with detection and monitoring geared towards identifying a wide range of threats, from malware and ransomware to suspicious account activity.

The Results

Quick and hassle-free technology deployment
When deploying ThreatDetect, Redscan’s engineering team worked hand in hand with KEVII’s IT team to design and deploy a solution that is needs-driven and provides maximum threat visibility. The technology underpinning the solution was installed and then configured to meet KEVII’s exacting requirements.
24/7 network and endpoint monitoring
Redscan’s CSOC professionals monitor KEVII’s infrastructure around the clock and investigate, analyse and triage security alerts generated by the underlying technologies. In the first six months following the deployment of the service, KEVII’s systems generated over 6200 security alerts. The team at Redscan triaged every one of these alerts to remove false positives and ensure that only genuine incidents were reported to the KEVII team for action.
Swift incident response
Redscan’s CSOC is always on hand to not only report threats but help KEVII respond to them. On one particular occasion, KEVII was on the receiving end of an advanced persistent malware attack that targeted multiple endpoints and sought to harvest user credentials and exfiltrate data. Using Carbon Black Response, the Redscan’s team was able to quickly identify infected endpoints, isolate them from KEVII’S network and analyse the chain of events associated with the attack to help prevent similar style attacks. Had ThreatDetect not been engaged at this time, it’s likely that the attack would have caused significant damage to the hospital’s systems.
Clear remediation support
Following the detection of incidents, Redscan’s CSOC analysts provide all the advice and support that the hospital needs to quickly address issues and minimise any potential disruption. CyberOps, Redscan’s proprietary threat management platform, enables the CSOC to communicate securely with KEVII’s in house team.
Sideways integration with KEVII’s in-house IT team
Richard describes Redscan’s CSOC professionals as an extension of his in-house team. He’s on first name terms with Redscan’s analysts and relies on their assistance to not just detect threats but also respond quickly and effectively to them.
Total reporting coverage
Redscan provides weekly and monthly reports that help KEVII’s management team to stay abreast of the hospital’s security posture. The reports help demonstrate compliance with the GDPR, CQC and NIS Directive to give confidence that appropriate controls are in place.
Cost effective
KEVII are very happy with the value of the service, which offers a huge saving compared to the cost of maintaining an in-house team to provide an equivalent threat monitoring and detection capability. ThreatDetect ensures that the hospital doesn’t need to make a large capital investment in resources, recruit and train staff, or regularly invest in new security technologies.