OVERVIEW

Healthcare organizations are an increasingly lucrative target for financially motivated cybercriminals. Throughout the pandemic, hospitals around the world have been hit with surging ransomware levels as highly organized groups use advanced persistent threat (APT)-style tactics to take lifesaving services offline. Elsewhere, patient and employee data remain highly sought-after. Cybersecurity professionals working in the industry warn that breaches could triple over the course of 2021.

Ed Moss, head of enabling IT at Nuffield Health, knows these risks all too well. His role demands oversight of a large, distributed estate that covers over 300 sites, including: 31 hospitals, 113 fitness and wellbeing centres, seven clinics, and multiple corporate locations. That means securing not only servers, storage, and networks, but also end-user computing and unified communications for over 18,000 employees, consultants, and instructors.

SOLUTION

Over the years, Nuffield Health has committed to Trend Micro across multiple layers of IT infrastructure. These include:
Trend Micro Apex One for endpoint security. It offers:

• Comprehensive protection from device control, web reputation, and URL filtering to predictive and runtime machine learning, behavioural analysis, and data loss protection (DLP)
• Centralized visibility and control for consistent security management, visibility, and reporting
• Support for a broad range of devices, applications, and file types
• Automated threat detection and response

Deep Security Software for runtime protection of workloads, delivering:

• Connected security from a single agent across physical, virtual, cloud, and container environments
• Protection against vulnerabilities with virtual patching
• Seamless integration with DevOps via automated deployment and policy management, and tie-ins with orchestration tools such as Chef, Puppet, and Ansible

Deep Discovery Inspector (DDI) for protection against advanced targeted threats via:

• Monitoring of all network ports and over 105 protocols
• Custom sandboxing, which is difficult for attackers to evade
• Trend Micro™ Managed XDR option where Trend Micro experts monitor, investigate, and respond to serious threats at the network layer

Trend Micro Vision One for managed detection and response which enables:

• Smart correlation of threats across multiple layers of defence, including servers, networks, endpoints, email, and cloud workloads
• Increased risk visibility and faster response times
• Simple integration into Trend Micro and third-party tools like security information and event management (SIEM) systems or security orchestration, automation and response (SOAR) solutions

Trend Micro™ Cloud App Security for advanced threat and data protection of Mircosoft 365, Google Workspace™, and other cloud services. It offers:

• Protection from millions of threats annually that native Microsoft and Google filters fail to detect
• Detection of incoming and internal phishing attempts
• Close integration with Trend Micro Vision One for extended detection and response (XDR)

RESULTS

Deep Security Software has provided enhanced protection for Nuffield Health without sacrificing performance, says Moss. “Having a large number of hospitals to manage means plenty of legacy systems and applications which are difficult to remove,” Moss notes. “This is where Deep Security [Software] virtual patching has been a huge win for us.”

Virtual patching is a multi-layered intrusion prevention solution which shields vulnerable software and operating systems (OS) from known and unknown threats. As such, it can buy customers time until a vendor patch is released or protect legacy systems for which patches are no longer available.

Adding Trend Micro Vision One with Trend Micro™ Managed XDR™ capabilities to the mix has also helped Nuffield work more productively, by “cutting out a lot of noise” and ensuring they only deal with the most critical alerts.

“We know Trend Micro has it covered and if anything critical comes in we get alerted. Trend Micro Vision One has definitely allowed us to run a leaner operations team. We don’t have a dedicated SOC or security resource, so we can focus our time in a better way,” says Moss.

Most recently, Nuffield Health switched on Cloud App Security integration with XDR, for enhanced visibility and control all the way from critical services running on hospital desktops to traffic flowing across cloud applications.

“Everything we’re seeing from [a Trend Micro] Apex One and Cloud App Security point of view is joined up and automated now, which allows us to remove false positives and focus on what needs to be done,” says Moss.

WHAT'S NEXT

Over the past 18 months, Nuffield Health has sought to digitally transform many of its IT services to improve cost efficiencies, productivity, and the customer experience. The pandemic has forced it, like many organisations, to accelerate these efforts with things like digital general practitioner (GP) services and online exercise classes. Trend Micro has been able to support these efforts with seamless integration into cloud platforms like Microsoft Azure™ and a SaaS delivery model. During this time, the relationship has continued to mature.

“I’ve worked with Trend Micro for 14 years in various roles and the thing I’ve noticed most is the progression and development of its account management and customer service,” concludes Moss.

“We’re now really involved in direct discussions on the product sets and have a technical resource aligned to the account manager who gives us detailed advice, as well as Premium Support. We feel confident that our next digital steps will be taken on a really secure foundation.”