The healthcare industry remains a prime target for cybercriminals. In 2020, more than 29 million healthcare records were breached—a 25% increase over 2019, according to the HIPAA Journal.
These sorts of statistics keep healthcare security leaders awake at night.
“Like all healthcare institutions, we are particularly vulnerable because medical records go for a premium price on the dark web,” says Dr. Sam Amirfar, CIO of the Brooklyn Hospital Center.
“Ever since Bitcoin took off and there became a way to anonymously pay ransoms, it has been much more difficult to secure our data,” he adds.
That’s why the hospital center turned to Cisco for help.
Threat response in action
The Brooklyn Hospital Center in New York has been serving its community for more than 175 years. In addition to primary and specialized care, it is a teaching institution and is still growing.
“We’re in the middle of a major transformation that includes a new emergency department, dialysis clinic, and state-of-the-art facility that will help us meet the needs of our community for many years to come,” Amirfar says.
In addition, the hospital is connecting imaging technology and Internet of Things (IoT) devices to improve and speed patient care. Amid this growth, change, and the coronavirus pandemic, the last thing the hospital needed to worry about was data security.
“Because the stakes are so high and threats are more sophisticated than ever, we need constant monitoring of our systems,” Amirfar says.
The hospital deployed Cisco Managed Detection and Response (MDR), a managed security service that monitors and detects threats in the network, cloud, and endpoints. MDR combines an elite team of researchers, investigators, and responders with integrated threat intelligence. It also includes the latest threat research from Cisco Talos.
“One of the best things about the Cisco MDR service is that it does a lot of the heavy lifting for us, so we can concentrate on our mission and innovation versus trying to be the best at security,” Amirfar says.
The implementation took about two weeks and was seamless, with immediate results.
“We got to see the accelerated threat response in action one Saturday night,” he says, “when we received an alert for what appeared to be a legitimate breach.” It turned out to be a false alarm, but he says “it was reassuring to know that Cisco MDR caught it so quickly.”
In one month, the hospital’s security operations center (SOC) logged 148 million raw security events. Of those, 248 were identified by Cisco analysts as warranting further investigation, but fewer than one-third were passed along with expert guidance to Amirfar’s team for final resolution.
A safe and healthy future
The Brooklyn Hospital Center’s CTO, James Safonov, also cites greater visibility as a significant benefit. The institution has 30,000 IP addresses and endpoints on its network every day.
“Before, it was a constant struggle to keep up,” Safonov says. “Now we have greater visibility across the network, cloud, and endpoints and can respond to attacks faster than ever.”
“Now we can focus on what matters most: Keeping Brooklyn Healthy,” Amirfar says.