Putting security first – a case study

NHS Management provides administrative and consulting services for over 50 individual healthcare facilities and companies across four states in the US southeast region. Naturally, quality of care is the number one priority, as is protecting patient data in such a highly regulated environment and no compromises between the two can be made. Stephen Locke, CIO for NHS Management explained: “There are a lot of unique challenges in healthcare when it comes to cybersecurity, particularly with the increase of regulations over the past ten years as well as the complexities that come with managing inpatient records and securing communications between vendors and third parties.”

Roughly three years ago, during a long holiday weekend, NHS Management found itself at the mercy of cyber-attackers who hit the company with ransomware at a time when they knew most people would be out of the office. Though no data was compromised, it took about a week to get the desktops back up and running again after NHS Management paid the ransom. It was at this time that Stephen had been looking for a more comprehensive security solution that would give his teams vital visibility into the network to be able to detect and respond more quickly to security incidents, such as ransomware.

He realised that with a smaller security team in place, which was headed by Cole Two Bears, a systems architect at NHS Management, the company was lacking the means and manpower to see all the possible indicators of compromise. The company had been using several point security solutions, but without a central point of management, the logs piled up and going through them all was a difficult task. Stephen and Cole chose to use AT&T Cybersecurity’s Managed Threat Detection and Response service instead of building out a dedicated in-house security operations centre (SOC).

This was taken as a business decision and thus, NHS Management began its security-first journey. “Cybersecurity has to be a business decision rather than a technical one and this realisation was pivotal for us,” Stephen said. Cole expanded further and noted that business support of what’s transpiring across the network is key because you can only secure what you can see, so there has to be “a strong focus on security from within the organisation.”

The deployment also had to be done in a way that didn’t disrupt users’ workloads – something that is very important in a healthcare setting. And while Stephen said he is not a fan of outsourcing for outsourcing’s sake, he also stated: “In our case with limited personnel resources, it made sense from a business perspective, but also financially, as the AT&T Managed Detection and Response service is less costly than having to hire several new skilled security team members.”

The pandemic has also brought about other challenges for Stephen, Cole, and his team as users have the expectation that they will have access to the data they need, regardless of their physical location. And they also expect to be able to access it securely.

“What we have is a highly sensitive dataset that people really want to get their hands on because they can use it for a lot of different things, so we’re very much a rich target for attackers, but then you have the regulations as well,” Stephen said. “And when you add COVID on top of it, what you’re really adding is the complexity of spreading out your workforce even more. With more and more people working outside of your perimeter walls, you need to provide that line of communication is highly secure, and people can get to it all the time and make sure you’re able to submit all the information that you need to the state government, national government, and the like.”

NHS Management has benefited from the AT&T Managed Detection and Response service further as it frees up the existing security team to spend more time researching attack patterns and threats to help them better configure their environment. They can also take advantage of AT&T Cybersecurity’s extensive knowledge of what’s happening globally and affecting similar organisations.

“With AT&T Managed Threat Detection and Response, I’m confident the ransomware issue we experienced previously wouldn’t have happened. We’ve been delighted and impressed with the service which allows our small security team the time to deliver on other important projects. Not having enough human capital is a problem many organisations face, making a managed security service an ideal option,” Cole concluded.

Watch the full webinar here to hear more about how NHS Management is benefiting from a security-first mindset: https://cybersecurity.att.com/resource-center/webcasts/leading-with-a-security-first-mindset-lessons-learned-with-nhs-management


Article Rating