This blog was written by Anne Aarness.
Simply adding an advanced threat analysis technology to your security stack can expand detection and solve some immediate security issues. But thinking beyond standalone detection to an integrated ecosystem can not only improve detection and protection throughout your organization, it can also enhance your business by optimizing security operations response time, giving you a competitive edge.
A case in point is Vidant Health, eastern North Carolina’s largest healthcare provider, with eight hospitals and 80 clinics that serve 1.4 million people. Vidant is one of the first healthcare organizations in the US to successfully deploy a tightly integrated McAfee solution combining McAfee Advanced Threat Defense, McAfee Threat Intelligence Exchange, McAfee Enterprise Security Manager, and McAfee Data Exchange Layer.
Vidant’s information security director, Kirk Davis, explains that prior to adopting this solution, his team was on “alert overload” and experienced long delays in receiving information about threat activity. The McAfee solution answered the need for a security decision support platform that would allow the information services group to spend most of their time enabling growth, innovation, and delivery of patient-centered services, such managing and tracking rounds by medical staff, protecting electronic health records, and streamlining clinical workflows.
Just days after the brief deployment period, Davis was seeing results from the solution. The SIEM component, McAfee Enterprise Security Manager, dramatically increased visibility into security events and suspicious files detected and convicted by dynamic and static analysis technologies used by McAfee Advanced Threat Defense.
“Now we can consolidate threats and alerts and provide actionable information to our team,” says Davis, “And, because we don’t operate in an API-to-API environment, McAfee Data Exchange Layer, through the McAfee Threat Intelligence Exchange/McAfee Advanced Threat Detection integration, can share threat information in seconds.”
Tight integration and automation greatly reduce the time from detection to protection and correction across the entire organization. As Davis suggests, “Being able to have that immediate visibility to threats and being able to guard against them without any human intervention really allows us to focus on our core business, which, believe it or not, is not running down malicious code.”
According to Davis, implementation of the integrated solution resulted in a positive ROI in just six months. For example, Vidant and its care partners no longer experience costly losses in productivity and operational expense associated with the amount of time and effort spent combating evasive and complex threats like CryptoWall ransomware.
Vidant has derived significant business value from the open and collaborative approach to security enabled by McAfee solutions. With greater visibility to potential threats, this approach empowers security operations teams to act swiftly, optimizing response and efficiency. For Vidant, automated and coordinated security is essential. “If we want to have information services as a competitive advantage, we need to make sure we know exactly how to package and scale our infrastructure, security, and support services as we grow,” says Davis. And, as he can tell you, McAfee integrations have already contributed to his organization’s success.
To learn more about how an integrated ecosystem like the one implemented by Vidant can help you combat unknown malware, watch our video, “Defeat the Grey.”