Success Stories / Healthcare

How Adlumin’s Security Operations Platform Helps a Healthcare Provider Defend Against 250,000 Daily Attacks

Challenges

Protecting a high volume of sensitive patient data makes them an attractive target for cyberattacks.
Limited budget and resources to invest in advanced cybersecurity measures.
Lacked the proper security tools and capabilities to investigate external endpoints effectively.
Need to avoid another complete loss of technology infrastructure after experiencing a ransomware attack that left medical staff unable to access patient data and history for 23 days.
Sought a solution to help Sky Lakes comply with strict regulatory requirements such as the Health Insurance Portability and Accountability Act (HIPAA)

Results

Adlumin’s Security Operations Platform protects Sky Lakes against daily attacks ranging from 150,000 to 250,000 on their intrusion detection system (IDS) or intrusion prevention system (IPS).
Saved time and full-time employee budget with the deployment of Adlumin’s Security Operations Platform by consolidating their cybersecurity tools into one easily managed dashboard.
Utilizes Adlumin’s one-touch compliance and reporting, demonstrating the value of its cybersecurity efforts through comprehensive and informative reports.

Protecting and Serving Over 80,000

Sky Lakes Medical Center (Sky Lakes) is a not-for-profit teaching hospital that serves over 80,000 people in Klamath and Lake counties in south-central Oregon and Modoc and Siskiyou counties in northern California. With a focus on community and patient-centered care, Sky Lakes is committed to providing high-quality healthcare services. As the only hospital in a 10,000-square-mile area, it plays a vital role in ensuring the well-being of its patients and medical staff.

Recognizing the risks cyber threats and attacks have on healthcare, Sky Lakes sought to implement new security measures and proactive strategies to enhance the protection of sensitive data and assist medical staff by providing access to patient history electronically. Before finding Adlumin, they used an endpoint management system, which lacked detection capabilities, visibility, and simplicity.

Experienced a Ransomware Attack During the Height of Pandemic

In October 2020, Sky Lakes fell victim to a ransomware attack via lateral movement that significantly impacted the hospital’s ability to deliver crucial healthcare services during the height of the COVID-19 pandemic. The attack resulted in a complete loss of technology infrastructure, leaving the medical staff unable to access patient data and history for 23 days.

John Gaede, the Director of Information Services at Sky Lakes emphasized the challenges faced by the hospital during this critical time. “Before we brought on Adlumin, we experienced what it was like to lose all of your technology and try to deliver healthcare to take care of our community,” said Gaede.

Access to patient records and history is necessary for the medical staff to avoid immense difficulties in providing appropriate and personalized care to patients. Important medical information such as allergies, previous treatments, and ongoing conditions were inaccessible, making it challenging to make informed decisions about patient care. This lack of access to vital data impacted patient care and posed potential risks to patient safety.

In addition, the ransomware attack occurred amid a global pandemic when healthcare facilities were already strained and overwhelmed. Sky Lakes serves as a crucial healthcare provider in the region, with the nearest hospital being around 100 miles away, making it a lifeline for the community.

Sky Lakes Found Value Within Minutes of Implementation

Finding a trusted cybersecurity tool like Adlumin significantly impacted Sky Lakes’ ability to protect its patients and employees from cyber threats.

After extensive research, their team came across Adlumin and presented the platform to their Chief Financial Officer. By implementing Adlumin’s Security Operations Platform, Sky Lakes gained the ability to monitor and detect potential cyber threats. This level of visibility allows them to respond to any security incident, minimizing the risk of data breaches and ensuring the safety and confidentiality of patient and employee information.

Adlumin’s ease of setup and readiness out of the box played a crucial role in Sky Lakes’ decision to choose the platform. The fact that Sky Lakes found value within minutes, with no need for additional engineering resources, speaks to the simplicity and efficiency of the solution. This saved them time and allowed them to enhance their cybersecurity posture quickly.

“We needed to find a product [like Adlumin] to consolidate some of our log management. And to do that in a way where we don’t need several FTEs [full-time employees] to manage it and set it up.”

-John Gaede, the Director of Information Services at Sky Lakes

Empowers Sky Lakes to Investigate Anomalies

Adlumin’s Security Operations Platform has proven invaluable to Sky Lakes’ security operations, particularly when investigating anomalies. Before implementing Adlumin, Sky Lakes lacked the tools and capabilities to analyze external endpoints. However, with Adlumin’s machine learning and User Entity and Behavior Analytics, Sky Lakes has experienced a significant improvement in its anomaly investigation process. Mike Perryman, the Manager of Technology Systems at Sky Lakes, speaks highly of Adlumin’s impact on their anomaly investigations.

Integrating Adlumin’s Security Operations Platform and Security Orchestration, Automation, and Response (SOAR) into Sky Lakes’ infrastructure has provided them with enhanced visibility and the ability to mitigate potential cybersecurity threats. The platform’s advanced analytics allow them to detect and investigate anomalies they could not previously detect, enabling them to respond proactively to any security incidents.

Protects Against 250,000 Attacks Daily

In addition, Adlumin’s Security Operations Platform offers Sky Lakes protection against a number of daily attacks, ranging from 150,000 to 250,000, on their intrusion detection system (IDS) or intrusion prevention system (IPS). This level of protection is crucial in keeping their external attack vector secure. Perryman highlights the significance of Adlumin’s visibility, stating, “Visibility is key to keeping our environment secure. That is why we started looking at Adlumin as a solution.”

When an external anomaly is detected, the platform empowers Sky Lakes to take immediate action, pinpointing the source and nature of the issue, which helps them formulate an appropriate response plan. This expedited investigative process ensures that any security concerns are addressed, minimizing the potential impact on the organization’s overall security posture.

[With Adlumin] We were able to act very quickly when we found an external anomaly on a laptop…and then follow through in an investigation to find what it was, where it was, what we needed to do, and how to mitigate it.”

-Mike Perryman, the Manager of Technology Systems

Compliance and Reporting is Essential

By utilizing Adlumin’s one-touch compliance and reporting, and reporting, Sky Lakes can demonstrate the value of its cybersecurity efforts through comprehensive and informative reports. These reports include crucial data and analytics, highlighting the effectiveness of Adlumin’s solution in protecting Sky Lakes. By sharing all statistics and data obtained from Adlumin’s platform, Sky Lakes fosters a culture of accountability and continuous improvement in its cybersecurity posture. The reports also enable them to benchmark their security performance against industry standards and best practices.

With a governance structure, Sky Lakes ensures that its IT team reports monthly, providing a detailed account of its security measures, including patching and other essential security features. This reporting process allows the higher-level management team to understand the organization’s cybersecurity posture and stay informed about potential vulnerabilities.

Lessons Learned Calls for Higher Security

The devastating ransomware attack experienced by Sky Lakes propelled the importance of strong security measures in healthcare institutions. Recognizing the need to be proactive in their cybersecurity efforts, Sky Lakes turned to Adlumin’s Security Operations Platform for complete visibility into their network.

Adlumin’s platform empowers Sky Lakes to detect, analyze, and promptly respond to suspicious activities, giving them the upper hand in preventing future cyber threats. The platform’s seamless and straightforward setup made it a game-changer for Sky Lakes. Perryman said it was Adlumin’s implementation was “one of the easiest I have ever done.”

By adopting Adlumin’s Security Operations Platform, Sky Lakes hopes to inspire a proactive and resilient hospital cybersecurity culture. With the ability to continuously monitor their network and address potential issues, hospitals can maintain their focus on providing exceptional care without the looming fear of cyber threats halting care for their patients.

Healthcare institutions must prioritize cybersecurity measures. Adlumin’s Security Operations Platform is a valuable tool in ensuring the security and integrity of hospital networks, allowing them to confidently navigate the digital landscape and fulfill their mission of delivering exceptional care to their communities.

Adlumin Security Operations Platform

Adlumin’s Platform plus MDR Services. Your Command Center for Security Operations.

About Adlumin

Adlumin Inc. provides the enterprise-grade security operations platform and managed detection and response services that keep mid-market organizations secure. With one license and one platform, its patented technology gives organizations and solution providers everything they need for effective threat hunting, incident response, vulnerability management, darknet exposure monitoring, compliance support and much more. The Adlumin platform is feature-rich enough for organizations to operate on their own, yet built specifically to amplify the skills and capabilities of managed service providers.