Palo Alto Networks helps healthcare providers:

Gain visibility
INTO network
threats

The heathcare industry must embrace a breach prevention mindset to protect its data. Prevention of cyberattacks requires effective protection at all stages of the attack lifecycle.

Read more >

Stop known
& unknown
threats

Palo Alto Networks WildFire™ is a cloud-based malware analysis environment that provides granular and coordinated threat analysis for all traffic and attack vectors across thousands of applications.

Read more >

Protect
medical
devices

Hospitals need help protecting medical devices as they tend to be more prone to cyberattacks than managed systems.

Read more >

Listen to Dylan Border

“All of the recent Hospital breaches have put cybersecurity in to more of a focus.”

Dylan Border, Network and Security Engineer, Fisher-Titus Medical Center

The number one priority for any healthcare provider is patient health and safety. In a process-driven industry, anything that threatens patient safety, that hampers clinicians, or diverts medical resources must be eliminated.

Cyber criminals are a real and growing threat to patient safety.

In today’s digital way of life, there is implicit trust that our medical history and personal information will remain protected by those we choose to let into our lives. For healthcare providers, the only way to preserve that trust is a breach prevention-minded approach to cybersecurity versus the status quo detection and incident response thinking. When it comes to our personal health details, detection is too little and far too late.

In 2015, over 113 million healthcare records in the U.S. were lost; that’s one in three Americans. The figure is a twelvefold increase on the previous year.

Across the globe, cyberattacks are up 125 percent since 2010. Nine out of every 10 healthcare providers surveyed admitted to being breached at least once.

Equally worrying, healthcare providers will inevitably direct scarce funding to medical issues – meaning cybersecurity investments in the sector often lag behind other industries.

“Palo Alto Networks plays a lead role in our layered security model, working to ensure the highest level of security on the edge, wireless and enterprise networks.”

Gary Horn, Vice President, Advocate Health Care

The healthcare industry must embrace a breach prevention mindset to protect its data. Prevention of cyberattacks requires effective protection at all stages of the cyberattack lifecycle. Piecemeal security systems are inadequate.

Reducing cyber risk requires having protections at every stage of the cyberattack lifecycle, covering all components of the network. In a hospital environment, this means having the right processes and technology in place to successfully isolate medical devices from other areas of the network, protect endpoints from sophisticated malware, and stop known and unknown threats on the network. Moreover, those controls need to be integrated from the ground up to be effective.

GAIN VISIBILITY INTO NETWORK THREATS

As one of the leading healthcare providers in Canada, CBI Health depends on its infrastructure to connect more than 240 offices and thousands of mobile users to its primary data center, which contains all the company’s data and applications. With so many possible entry points for cyberattacks, CBI Health needed to protect the data center from all kinds of threats.

The healthcare firm chose the Palo Alto Networks® Next-Generation Security Platform to perform that task because of Palo Alto Networks reputation for innovation and quality.

“We didn’t know what sites our users were accessing on the Internet and therefore couldn’t accurately assess the risk of infections from specific regions or countries. Integrating the Palo Alto Networks Next-Generation Security Platform with our Citrix VDI allows us to have that level of visibility right out of the box using Content-ID™.”

Cameron Chojnacki, Infrastructure Manager, CBI Health Group

Hospitals are targeted with new malware variants and cyberattacks that have never been seen before. Palo Alto Networks WildFire™ cloud-based malware analysis environment provides granular and coordinated threat analysis for all traffic and attack vectors across thousands of applications.

Health Information Technology Services Nova Scotia (HITS-NS) provides IT services to district health authorities and hosting services, internet access and remote connectivity to a network that includes 20,000 users in over 150 locations, interconnecting all the hospitals in Nova Scotia. It relies on WildFire to stop unknown threats across its network and the threat prevention subscription to prevent known threats.

Ransomware can critically impact hospitals. The latest ransomware variants can use a combination of exploits and malware to penetrate deep into a hospital network and execute a coordinated attack against multiple systems.

CBI Health became the target of ransomware and infections were up to three per week. Ransomware typically penetrates a hospital’s network perimeter in one of three ways: 1) Exploit kits and drive-by downloads, 2) Malicious email attachments and 3) Vulnerable servers in the DMZ. The third method was responsible for the latest ransomware attacks targeting hospitals in 2016. Once a vulnerable server in the DMZ is compromised, cyber criminals push ransomware, like Samsa, throughout the internal network and encrypt files on file servers and application servers, threatening to only unlock the files if a ransom is paid.

To better position itself to prevent ransomeware on its endpoints, CBI Health deployed Palo Alto Networks Traps Advanced Endpoint Protection offering to augment the prevention capabilities already available with the next-generation firewalls.

"Before we had Wildfire we really didn’t know when malicious software came onto our network. Having Wildfire means we know exactly where it came from, and where it landed on our network and what it is doing.”

Phil Cummings, Systems Administrator, Health Information Technology Services Nova Scotia

"The minute that we turned on Traps, the number of ransomware infections dropped to zero. A week later it was still zero. We literally haven’t had a successful CryptoLocker attack since we installed Traps.”

Cameron Chojnacki, Infrastructure Manager, CBI Health Group

protect medical devices & VDI

Hospitals need help protecting medical devices as they tend to be more prone to cyberattacks than managed systems. Medical devices often run EOL operating systems like Windows XP, are unpatched and do not have any endpoint protection.

Fisher-Titus Medical Center is a non-profit community hospital located in North Central Ohio. It wanted to tighten security around unprotected devices, aware of a backdoor threat to its data.

Segmentation with the Palo Alto Networks Next-Generation Firewall isolates medical devices in their network and WildFire’s proactive and automatic prevention of advanced and targeted attacks helps give Fisher-Titus the insight and analytics to prevent future attacks.

Nearly every hospital uses some type of VDI (Microsoft VDI or Citrix) to control access to Protected Health Information.

The Citrix virtual desktop infrastructure (VDI) at CBI Health is absolutely critical to the company’s business because it allows users to securely access applications and data without having to store the information locally where it might be lost or stolen. However, CBI was unable to determine which sites its users were accessing on the internet making it difficult to accurately assess the risk of infections from specific regions or countries.

The Palo Alto Networks Next-Generation Firewall solved CBI’s visibility problem and its URL-filtering component empowered their security team to better control internet access for medical practitioners.

“Integrating the Palo Alto Networks Next-Generation Security Platform with our Citrix VDI allows us to have that level of visibility right out of the box using Content-ID™.”

Cameron Chojnacki, Infrastructure Manager, CBI Health Group

Palo Alto Networks has visibility into new threats as they emerge around the globe and can quickly inoculate all of our customers from that threat. Every five minutes, all of our customers around the world are protected from developing threats attempting to gain a foothold in their enterprise. We have built a security platform – from the ground up – based on new and innovative technology that is more adapted to (1) today’s use of the internet, (2) preventing modern cyberattacks and (3) enabling business operations.

For Palo Alto Networks healthcare customers, this delivers two benefits:

Peace of Mind

“It’s peace of mind. I can tell our executives that we have a stronger security paradigm than virtually anyone else in the industry. Because of our relationship with Palo Alto Networks, we spend more time coming up with ways to improve security, reliability and compliance, and less time just keeping the lights on.”

Cameron Chojnacki, Infrastructure Manager, CBI Health Group

More Time for Strategic Objectives

“Our end users are happier, our managers are happier, and our IS team is happier because we’re not worrying about the network. Instead, we’re able to focus on strategic projects to help improve hospital services.”

Tony Allwood, IS Solution Architect, Southern Cross Hospitals