Challenges in Hospital Cybersecurity
AZ Vesalius, a prominent Belgian hospital with 326 beds and 900 staff, faced critical cybersecurity challenges due to an outdated and complex security infrastructure. The hospital was at risk from ransomware, business email compromise, and inadvertent disclosure-related attacks. Thousands of Internet of Medical Things (IoMT) devices were either unprotected or undiscovered, posing a significant threat to patient data security.
Requirements for Enhanced Security
To support innovative medical technology and optimize patient care, AZ Vesalius required a comprehensive security solution. The hospital aimed to provide complete visibility across integrated enforcement points, reduce attack surface with segmentation, prevent both known and new unknown attacks, and contain security costs. The goal was to streamline security management and strengthen cybersecurity.
The Solution with Cortex XSOAR
AZ Vesalius partnered with Palo Alto Networks and implemented a robust security strategy using a combination of Palo Alto Networks ML-Powered Next-Generation Firewalls, Cloud-Delivered Security Services (IoT Security, Threat Prevention, WildFire, DNS Security, URL Filtering), Cortex XDR, and Cortex XSOAR. This integrated solution provided the hospital with the necessary tools to address their cybersecurity challenges effectively.
Network Security and Segmentation
The hospital deployed ML-Powered Next-Generation Firewalls in each data center, enabling complete visibility and control over the medical network. Over 50 VLANs were created to segment hospital services, servers, and medical devices based on data sensitivity. This approach allowed for targeted security measures without compromising overall network integrity.
Cloud-Delivered Security Services
The implementation of Cloud-Delivered Security Services added an extra layer of protection to medical devices, users, applications, and data. Services like Threat Prevention, WildFire, URL Filtering, GlobalProtect, and DNS Security enhanced security measures across the hospital's network. The IoT Security service was particularly valuable, identifying vulnerable devices and ensuring comprehensive network security.
Endpoint Security with Cortex XDR
Cortex XDR provided unified detection, investigation, automation, and response capabilities for AZ Vesalius. By integrating managed endpoints with network data, Cortex XDR detected and responded to potential threats effectively. The platform leveraged machine learning to analyze user and endpoint behavior, enhancing threat detection and prevention.
Enhanced Automation and Response with Cortex XSOAR
AZ Vesalius is testing the Cortex XSOAR security orchestration, automation, and response platform to further enhance their security operations. Cortex XSOAR integrates case management, collaboration, and threat intelligence management, streamlining incident lifecycle management. The platform's playbooks automate response actions, improve investigation quality, and may eventually be deployed in a managed SOC setting.