“Arctic Wolf as our partner ensures that, given our limited resources, we feel safer and more proactive in closing the loopholes that could get us in trouble.”
— Kevin Conroy, Director of Information Security, Gifford Health Care
Beyond saving lives and improving patient quality of life, the healthcare industry faces another daunting task—safeguarding patient data, business operations, and revenue from today’s cybercriminals. As cyberattacks in healthcare become more sophisticated, hospitals will face increased exposure to malpractice claims and potential lawsuits, according to Moody’s Investor Service.
The situation is especially difficult for smaller healthcare providers that lack the financial means to weather a data breach. Many of these providers haven’t invested in the kind of technology that can improve their security posture against the growing legion of threat actors.
Gifford Health Care knows this situation well. After learning of a breach at a large nearby university health system—and tens of millions of dollars in fines as a result— Gifford’s security team knew it was time to act before they also found themselves on the receiving end of a devastating cyberattack.
“No matter how big or small a hospital is, we all have to maintain the same standards for security, medical records, and patient access,” said Kevin Conroy, director of information security at Gifford Health Care. “We can’t afford to have an attack like the one at the nearby medical center. At the same time, we can’t afford to have people dedicated internally to monitoring and responding to threats all the time.”
Seeking a Partner to Improve Security
Gifford began exploring its options for working with a third-party security operations provider. It wanted to enhance its security posture, get more insight into its network, and find the right solutions to make the healthcare organization as secure as possible. Gifford’s security team looked at a variety of cybersecurity solutions and narrowed the field to Arctic Wolf and two category competitors.
While Gifford’s security team found each solution’s capabilities relatively comparable, Arctic Wolf’s security operations solutions stood out for its concierge-level service, the Arctic Wolf team’s openness to questions, and overall proactive approach to fortifying the network.
“Arctic Wolf had an open policy on engaging with us. If we had questions, they said ‘Just reach out and ask us,’” said Joshua Trudeau, infrastructure and systems architect at Gifford Health Care. “The other solutions were very structured and rigid. We wanted to work with a true partner.”
For example, during the evaluation process, Gifford discovered the other solutions limited the number of incidents by type, as well as specified the number of reports it would receive. In contrast, the Arctic Wolf solution didn’t impose those limits.
Given the small security team at Gifford, having a potential partner that encouraged conversational engagement provided the team with needed assurance. Lacking the capacity to check everything all the time, the Gifford team wanted a partnership built on consultation and prioritization—and, most of all, trust.
Improving Its Security Posture via Collaboration
Gifford’s security team signed on with Arctic Wolf and its Arctic Wolf® Managed Detection and Response solution. Right away, Arctic Wolf brought issues to Gifford’s team that could arise and threaten the healthcare provider’s security. Based on that information, Gifford acted on the recommended changes to reduce its vulnerability.
“I’ve been very impressed that they talk to us about issues we might have,” said Conroy. “Given our limited resources in staff and money, we feel safer and more proactive.”
Having in-depth reporting has also helped Gifford’s team get the hospital’s senior management behind new initiatives to improve the organization’s security posture. While senior leadership can tire of IT staff requesting changes, having the information from the reports made the case more readily apparent and compelling.
Integrating Email Protection
Today, email and user identity are two vectors for major cyberattacks. Attacks on credentials, phishing, malicious links, and ransomware are on the rise. To guard against these types of attacks, Gifford has partnered with Mimecast for cloud cybersecurity services for email. And Arctic Wolf Managed Detection and Response is now integrated with Mimecast’s solution.
“Arctic Wolf’s solution was set up to communicate with Mimecast and it worked perfectly,” said Trudeau. “Our first report was interesting. We were able to see all the users that were logging into the portal and receiving an encrypted message.”
In one case, Arctic Wolf’s reporting identified an email account that someone was trying to log into from Nigeria. When they investigated, the Gifford team was relieved to learn that the account had already been disabled.
“With the Arctic Wolf reports, I can actively monitor in a way that’s easy to understand and digest,” said Trudeau. “Knowing we have the continuous support we need and a solution that actively monitors during the hours I’m not at work is huge.”