Northeast Georgia Health System

Improves visibility into cybersecurity threats with Trend Micro

Overview

Northeast Georgia Health System (NGHS) is a not-for-profit community health system dedicated to improving health and quality of life for the people of Northeast Georgia. NGHS is anchored by Northeast Georgia Medical Centre’s four hospital campuses—NGMC Gainesville, NGMC Braselton, NGMC Barrow, and NGMC Lumpkin—with more than 700 beds and medical staff members, representing more than 50 specialties.

Headquartered in Gainesville, Georgia, and founded in 1951, NGMC was recently recognised as Georgia’s number-one hospital for overall hospital care, surgical care, heart care, orthopedic surgery, women’s care, and more.

Challenges

Healthcare organisations are common targets for cybercriminals, so risk reduction is critical to NGHS. The organisation’s former security vendor was slow to implement solutions, used solutions that didn’t integrate well, and lacked a strategic security plan. The organisation needed to improve protection and visibility for its 1,000 servers and 6,000 endpoints, including 1,000 laptops that often traveled offsite.

With a small IT team, NGHS needed a security solution that was centralised and easy to use. It needed a partner that could take an active role in helping the organisation achieve its security goals. “We needed one effective security system that could be managed by just a few people and that would allow us to see everything using a single pane of glass,” said Pete Statia, information security officer for NGHS.

Why Trend Micro

Statia had used the Trend Micro TippingPoint Threat Protection System when he worked for another healthcare provider, and he was impressed with the solution. Based on that experience and Trend Micro’s approach to security overall, NGHS chose Trend Micro as the backbone of its new security strategy. “Trend Micro had the most complete vision overall,” said Statia. “They offered better endpoint security, they were the most knowledgeable about zero-day exploits, and everything is integrated so it all works together to protect us.”

The integration of Trend Micro’s solutions with IBM® QRadar® and IBM® Resilient® added to Statia’s decision. Statia recognised the tremendous value he received from the sharing of security data between Trend Micro and IBM solutions.

Statia also liked the fact that Trend Micro is accessible to its customers through its customer advisory board. “We can talk to Trend Micro leadership, share our vision, and tell them what we need,” said Statia. “They’re very responsive, and they are usually way in front of customer needs.”

"We needed one effective security system that could be managed by just a few people and that would allow us to see everything using a single pane of glass."

Pete Statia
Information Security Officer
Northeast Georgia Health System

Solutions

NGHS implemented Trend Micro Smart Protection Complete and Trend Micro OfficeScan to protect its endpoints. As well, they decided on TippingPoint for the network and Trend Micro Deep Security to provide host intrusion protection for its hospitals and to help improve compliance. “TippingPoint is one of the best intrusion prevention systems on the market. When you have lots of devices on your network, you have to have something that can stop all types of exploits.”

NGHS moved to Trend Micro solutions quickly, using a “rip-and-replace” strategy. “With Trend Micro’s support, the move to Trend Micro solutions was mind-bogglingly easy. When you make a big change like that, everybody gets nervous, but the training our network team received from Trend Micro gave them a great level of comfort.” explained Statia.

"We can talk to Trend Micro leadership, share our vision, and tell them what we need. They’re very responsive, and they are usually way in front of customer needs."

Pete Statia
Information Security Officer
Northeast Georgia Health System

Results

NGHS recently faced its first zero-day targeted attack, but thanks to Trend Micro solutions, the organisation was fully protected. “We could see hundreds of intrusion attempts nonstop scanning, looking for vulnerable systems. TippingPoint immediately knew we were under heavy, sustained attack. That was an immediate benefit,” explained Statia.

Statia saw an immediate improvement in visibility to their endpoint. “With Trend Micro’s endpoint security, I now get consistent reports showing that everything is up to date,” said Statia.

Better visibility also allows NGHS to be more proactive. If an endpoint becomes infected or abnormal network behavior occurs, Statia and his team are automatically alerted and can take immediate action to remedy the situation. “We have a much cleaner environment now. The integration between Trend Micro’s solutions feeding data to IBM QRadar and IBM Resilient provides me with the satisfaction of gaining value from my technology investments,” said Statia.

Finally, improved visibility allows Statia to better inform the NGHS board. He can now share reports with the board members and educate them about the cyberattacks the organisation faces and how Trend Micro is proactively and effectively protecting the organisation’s data.

What's Next

NGHS looks forward to taking advantage of Trend Micro’s development in security for the internet of things (IoT) medical devices. Trend Micro is conducting research on IoT connected medical devices, some of which might open up healthcare organisations to new types of vulnerabilities. NGHS intends to work closely with Trend Micro on a pilot in that area. Statia expressed, “I’m excited about Trend Micro’s research in the IoT space for medical devices. It’s great that somebody is working on this massive IoT security issue that nobody else seems to be working on.”