DTX Manchester DTX Manchester
  • About Us
Monday, 18 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Putting security first – a case study

NHS Management’s CIO and systems architect describe their company's journey to a security-first mindset with help from AT&T Cybersecurity

by The Gurus
January 4, 2021
in Case Studies, Featured, Guru's Picks
health
Share on FacebookShare on Twitter

NHS Management provides administrative and consulting services for over 50 individual healthcare facilities and companies across four states in the US southeast region. Naturally, quality of care is the number one priority, as is protecting patient data in such a highly regulated environment and no compromises between the two can be made. Stephen Locke, CIO for NHS Management explained: “There are a lot of unique challenges in healthcare when it comes to cybersecurity, particularly with the increase of regulations over the past ten years as well as the complexities that come with managing inpatient records and securing communications between vendors and third parties.”

 

Roughly three years ago, during a long holiday weekend, NHS Management found itself at the mercy of cyber-attackers who hit the company with ransomware at a time when they knew most people would be out of the office. Though no data was compromised, it took about a week to get the desktops back up and running again after NHS Management paid the ransom. It was at this time that Stephen had been looking for a more comprehensive security solution that would give his teams vital visibility into the network to be able to detect and respond more quickly to security incidents, such as ransomware.

 

He realised that with a smaller security team in place, which was headed by Cole Two Bears, a systems architect at NHS Management, the company was lacking the means and manpower to see all the possible indicators of compromise. The company had been using several point security solutions, but without a central point of management, the logs piled up and going through them all was a difficult task. Stephen and Cole chose to use AT&T Cybersecurity’s Managed Threat Detection and Response service instead of building out a dedicated in-house security operations centre (SOC).

 

This was taken as a business decision and thus, NHS Management began its security-first journey. “Cybersecurity has to be a business decision rather than a technical one and this realisation was pivotal for us,” Stephen said. Cole expanded further and noted that business support of what’s transpiring across the network is key because you can only secure what you can see, so there has to be “a strong focus on security from within the organisation.”

 

The deployment also had to be done in a way that didn’t disrupt users’ workloads – something that is very important in a healthcare setting. And while Stephen said he is not a fan of outsourcing for outsourcing’s sake, he also stated: “In our case with limited personnel resources, it made sense from a business perspective, but also financially, as the AT&T Managed Detection and Response service is less costly than having to hire several new skilled security team members.”

 

The pandemic has also brought about other challenges for Stephen, Cole, and his team as users have the expectation that they will have access to the data they need, regardless of their physical location. And they also expect to be able to access it securely.

“What we have is a highly sensitive dataset that people really want to get their hands on because they can use it for a lot of different things, so we’re very much a rich target for attackers, but then you have the regulations as well,” Stephen said. “And when you add COVID on top of it, what you’re really adding is the complexity of spreading out your workforce even more. With more and more people working outside of your perimeter walls, you need to provide that line of communication is highly secure, and people can get to it all the time and make sure you’re able to submit all the information that you need to the state government, national government, and the like.”

 

NHS Management has benefited from the AT&T Managed Detection and Response service further as it frees up the existing security team to spend more time researching attack patterns and threats to help them better configure their environment. They can also take advantage of AT&T Cybersecurity’s extensive knowledge of what’s happening globally and affecting similar organisations.

 

“With AT&T Managed Threat Detection and Response, I’m confident the ransomware issue we experienced previously wouldn’t have happened. We’ve been delighted and impressed with the service which allows our small security team the time to deliver on other important projects. Not having enough human capital is a problem many organisations face, making a managed security service an ideal option,” Cole concluded.

 

Watch the full webinar here to hear more about how NHS Management is benefiting from a security-first mindset: https://cybersecurity.att.com/resource-center/webcasts/leading-with-a-security-first-mindset-lessons-learned-with-nhs-management

0 0 vote
Article Rating
FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Ticketmaster fined $10m for hacking their competitor

Next Post

Russia possibly behind government agency hacks

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

game

400,000 customer details compromised in Resident Evil and Street Fighter gaming company ransomware attack

January 15, 2021

XSS vulnerability affects government websites

January 15, 2021

COVID-19 State of Remote Work Survey: 34% of Workers Felt Pressure to Return to the Office

January 15, 2021
CCTV used to spy

Ethics Officer Facing Cyberstalking Charge

January 15, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept