IoT Case Study: Enhancing Data Security in Healthcare with Managed Detection and Response
- Cybersecurity & Privacy - Endpoint Security
- Cybersecurity & Privacy - Intrusion Detection
- Healthcare & Hospitals
- National Security & Defense
- Procurement
- Quality Assurance
- Structural Health Monitoring
- Tamper Detection
- Cybersecurity Services
The case study revolves around a leading private hospital in London, UK, founded in 1982, that was grappling with the challenge of safeguarding large volumes of sensitive and private patient data. The hospital, like all healthcare institutions, had to manage and maintain a wide range of specialist systems, including life-saving medical equipment. Ensuring these systems were always operational and that patient data could be accessed and shared across the network instantaneously was crucial. At the same time, the hospital had a strict duty to prevent this sensitive information from falling into the wrong hands. The hospital also had to comply with the requirements of the GDPR, NIS Directive, and Care Quality Commission (CQC), which mandate that personal data is suitably protected and breaches are promptly detected, responded to, and reported. Despite having firewalls and antivirus software, the hospital sought to improve visibility of events inside its network to detect advanced threats capable of evading these controls. The hospital's IT department, a team of six, lacked the resources to manage the technologies required for 24/7 security monitoring.
The customer in this case study is a leading private hospital based in London, UK. Founded in 1982, the hospital has a reputation for illustrious patronage and is known for processing large volumes of sensitive and private patient data. The hospital manages and maintains a wide range of specialist systems, including life-saving medical equipment. It is committed to ensuring that these systems are always operational and that personal patient data can be accessed and shared across a network instantaneously to facilitate medical care. The hospital also has a strict duty to protect this sensitive information from unauthorized access. Furthermore, it is obligated to comply with the requirements of the GDPR, NIS Directive, and Care Quality Commission (CQC), which mandate the protection of personal data and prompt detection and response to breaches.
To address these challenges, the hospital turned to Redscan's Managed Detection and Response (MDR) service. The Head of IT for the hospital spent considerable time researching suitable providers and found that Redscan offered a high level of specialist security expertise and technology, plus support to manage cyber incidents. The MDR service combines 24/7/365 security professionals, best-in-class network and endpoint detection tools, and up-to-the-minute industry intelligence to help the hospital identify, contain, and respond to cyber threats. The MDR deployment comprises of AlienVault® USM Anywhere™ and Carbon Black Response. These two solutions enable Redscan to achieve wide visibility of events across the hospital’s network and endpoints to detect and respond swiftly to malicious activity. The network and endpoints are strengthened with detection and monitoring geared towards identifying a wide range of threats, from malware and ransomware to suspicious account activity.