Healthcare entities have a 51% probability of falling victim to phishing attacks. Successful incidents not only lead to control over systems, but can also expose patient health information, financial and insurance data.

Healthcare providers are seeing an 81% uptick in threats, especially as cyber criminals weaponize increasingly advanced methods, and some organizations are struggling to keep pace.

With over 265 clinic locations across the United States and a mission to deliver high-quality, accessible and compassionate care to under-served communities, Fast Pace Health recently found itself ill-equipped to fend off high volumes of relentless cyber threats.

On account of overseeing large quantities of patient data, the organization had become a sought-after phishing attack target. The attack rate threatened organizational operations and appeared liable to undermine patient trust.

Small Security Team Struggles to Keep Pace

Millinko Milincic, Information Security Architect at Fast Pace Health, leads a team of cyber analysts who were responsible for protecting patient data across the brand’s two different data centers and hundreds of locations.

Due to toolset limitations, the team could not block and report attacks effectively. In turn, Fast Pace Health started to experience dozens of phishing incidents daily.

Many of these incidents targeted higher-ranking individuals within the organization and high-value organizational assets.

Security Slips: On the Edge of Disaster

The phishing attempts were more than a mere inconvenience. They represented a direct threat to the organization’s operational integrity.

Because attackers used phishing to push malware onto user endpoints, security staff were constantly cleaning up from malware and expending their time in tedious, unnecessary ways.

In addition, attacks often targeted login credentials, meaning that sensitive patient data could be compromised at any moment, potentially putting Fast Pace’s HIPAA compliance in jeopardy.

Fast Pace Health recognized the need for an integrated email security solution that could proactively prevent these attacks while offering improved visibility and automated response capabilities.

Evaluating and Selecting a Cyber Security Provider

After evaluating multiple options, Fast Pace Health turned to Check Point. The team first pursued Check Point’s Harmony Email & Collaboration solution. This comprehensive platform was designed to protect an organization’s entire email and collaboration tool environment – including Gmail, Microsoft 365, Slack, SharePoint, and OneDrive – from phishing, malware, business email compromise (BEC), and credential harvesting attacks.

After implementation, the results were dramatic. Since installing Check Point’s solutions, the organization has not experienced a single phishing incident.

Endpoint Protection and Simplified Compliance

To address the challenge of managing thousands of devices across clinics, Fast Pace Health deployed Check Point Harmony Endpoint. This solution offered unprecedented visibility into all connected devices, and provided insights into third-party applications – previously a blind spot for the security team.

“Check Point Software has enabled us to have total and complete visibility into all the areas that were basically terra incognita for us before,” said Milincic.

Automated remediation features and consolidated management streamlined HIPAA compliance efforts, while threat emulation capabilities ensured secure file sharing through automatic sanitization of infected files before transmission.

Infinity Platform Implementation: Automated Response & Increased Visibility

The implementation of the Check Point Infinity Platform, a prevention-first security operations suite, further enhanced Fast Pace Health’s cyber security posture. The Extended Detection/Prevention and Response (XDR) capabilities provided clear visibility across endpoints, security tools and other tech stacks

Infinity Playblocks enabled the team to automate security actions across infrastructure, significantly improving efficient incident and attack response capabilities.

Tangible Results: Cost Savings and Enhanced Efficiency

The impact of the aforementioned cyber security improvements proved transformative. As noted previously, phishing incidents, which had once represented a constant threat, were completely eliminated.

In general, the enhanced visibility provided by Check Point’s solutions substantially reduced the time required to detect and mitigate security events.

Further, the consolidation of security tools under a single vendor led to massive cost savings, with Milincic estimating a reduction of approximately $500,000 in cyber security expenses. “We saved a lot of money,” Milincic reported.

Finally, the new security infrastructure also enhanced Fast Pace Health’s ability to meet HIPAA compliance requirements.

Actionable Insights: Steps for Your Organization

Actionable Insights: Steps for Your Organization

If your healthcare entity is experiencing similar challenges to those of Fast Pace Health, consider the following:

1. Prioritize comprehensive email security solutions in order to effectively combat phishing attacks.

2. Implement endpoint protection that provides visibility into all connected devices and third-party applications.

3. Utilize automation to enhance incident response capabilities, especially for small cyber security teams.

4. Consolidate cyber security tools to both improve operational efficiency and to potentially reduce costs.

5. Ensure that your security solution offers robust reporting features, enabling your team to demonstrate ROI to leadership.

Since installing Check Point’s solutions, Fast Pace Health has not experienced a single phishing incident. To learn more about how to enhance your organization’s cyber security, schedule a demo of Check Point’s Harmony Email & Collaboration tooling today.

You may also like