Brooklyn Hospital Center

Brooklyn's oldest hospital builds a 24/7 security operations center (SOC) in just two weeks.  

Industry: Healthcare

Company size: 3,300 employees 

Location: Brooklyn, N.Y.

Story highlights

  • Cisco Managed Detection and Response was engaged to detect and contain threats before they became a problem
  • Brooklyn Hospital Center achieved 360-degree visibility across 30,000 IP addresses and endpoints
  • IT team is now empowered to focus on improving clinical operations versus security operations

Building a strong defense against increasingly sophisticated attacks

 Dr. Sam Amirfar, CIO, discusses healthcare security.

Members of the C-suite are often asked, "What keeps you up at night?" The answer is almost always the same: Fear of becoming the next big breach. The Brooklyn Hospital Center, like all healthcare institutions, is particularly vulnerable because medical records go for a premium price on the dark web.

It's a different world than it was 10 years ago. Ever since Bitcoin took off—and there became a way to anonymously pay ransoms—it's been much more difficult to secure our data. And if we can't secure our data, we can't operate properly or be effective providers for the community we've served for over 175 years.

Because the stakes are so high—and threats are more sophisticated than ever—we need constant monitoring of our systems. But we can't do it alone. We rely on Cisco Managed Detection and Response (MDR) to protect our environment 24/7 so we can focus on what matters most: Keeping Brooklyn healthy.

Why we chose Cisco MDR to protect critical patient data

The Brooklyn Hospital Center runs on Cisco—from our new, modernized contact center to our connected imaging technology and the thousands of IoT devices that help us improve patient care. When the pandemic hit, we were one of the first hospitals in the metro area to set up an onsite tent facility to safely test and screen patients. We could not have done that without having the powerful security architecture and operations that Cisco MDR provides.

I sleep better at night knowing that Cisco CX experts are monitoring our systems and will quickly shut down any threats before they become a problem.

- Dr. Sam Amirfar, CIO, The Brooklyn Hospital Center

Building a 24/7 SOC is no small feat—especially for an independent community hospital. Our team is small, our budget is limited, and talent is increasingly difficult to find and retain.

We went through an extensive evaluation process, trialing similar services from other vendors. But none of the others provided everything we were looking for. The decision to go with the MDR offering from Cisco Customer Experience (Cisco CX) ultimately came down to four things:

  1. Trust and confidence in the Cisco brand
  2. Cisco CX expertise and the breadth of security offerings
  3. Talos threat intelligence
  4. Our existing investments in Cisco's security architecture, including Cisco Secure Endpoint and Cisco Umbrella solution.

Overall, the entire experience was seamless. The Cisco CX team helped us create response playbooks, and we were up and running in about two weeks.

Keeping us focused on innovation, not security

One of the best things about the Cisco MDR service is that it does a lot of the heavy lifting for us so we can concentrate on our mission and innovation, versus trying to be the best at security. In one recent month alone, we logged 148,000,000 raw security events. Of those, Cisco analysts identified 248 that warranted further investigation. Less than a third of those were passed along to us—with expert guidance—for final resolution. That's a huge shift from the old world when alert fatigue was a real problem.

We have close to 30,000 different IP addresses and endpoints. ... Before, it was a constant struggle to keep up. Now, we have greater visibility … and can respond to attacks faster than ever before.

- James Safonov, CTO, The Brooklyn Hospital Center

We got to see the accelerated threat response in action one Saturday night when we received an alert for what appeared to be a legitimate breach. After running the playbook and isolating the machine, we discovered it was a false alarm triggered by a scheduled test. Still, it was reassuring to know that Cisco MDR caught the "fake attack" so quickly.

Growing with Cisco

As downtown Brooklyn grows, The Brooklyn Hospital Center is growing with it. We're in the middle of a major transformation that includes a new emergency department, dialysis clinic, and state-of-the-art facility that will help us meet the needs of our community for many years to come.

We're hopeful and optimistic about what the future brings. We have an excellent team that shows up every day to ensure the hospital provides the best care possible. And we have Cisco, giving us the best foundation to make it more secure.
