Confront cyberthreats to healthcare reliably and affordably: Leverage a security operations center-as-a service

A security operations center (SOC) provides a focal point for security operations, but providing 24x7 SOC coverage is beyond the means of most organizations due to people and technology costs.
10:46 AM

The healthcare industry continues to have a “cyber target” on its back.

The inherent value of patient health records means hospitals and other healthcare organizations continually fall victim to a deluge of ransomware, spear phishing, and other cyberattacks. The costs of such assaults are substantial. These data breaches result not only in HIPAA violation fines and recovery costs, but also significant losses in community trust and patient satisfaction.

A security operations center (SOC) provides a focal point for security operations, but providing 24x7 SOC coverage is beyond the means of most organizations due to people and technology costs. Healthcare organizations face multiple challenges in proactively responding to threats. These challenges include protecting different legacy medical systems that are difficult to patch and maintain, locating and retaining security personnel, and managing with constrained cybersecurity resources.

That’s why Todd Thiemann, a product marketing director at Arctic Wolf, said healthcare organizations can benefit from investing in a security operations center (SOC)-as-a service instead of maintaining an on-premises SOC.

“Creating your own SOC requires you to monitor all the telemetry from your various systems, detect and investigate anomalous activity, and remediate the security issues that you find. For larger organizations, that generally takes nine to 12 people with cybersecurity experience working 24x7, which is an expensive proposition,” Thiemann said.

“For smaller- and medium-sized organizations, standing up a SOC is beyond their means. But SOC-as-a-service, which provides everything required for security monitoring and related compliance obligations, offers healthcare organizations the protection they need at a more reasonable cost.”

Thiemann said many healthcare organizations do not even realize that SOC-as-a-service is an option. But, he argued, this kind of service offers healthcare organizations a timely, responsive, and affordable way to manage threat risk, detection, and response. Healthcare organizations that enter into such arrangements should also expect an ongoing vulnerability management process in addition to the monitoring services that detect and respond to threats.

“A good managed services team will ask about and understand where your crown jewels are and can identify the handful of systems with vulnerabilities where you need to focus disproportionate attention. And if something does occur, the security team can engage with you to resolve the issue,” he said.

The right SOC-as-a-service partner, Thiemann added, can offer a personalized concierge approach that appreciates your organization’s IT environment, inside and out. That team should also have the knowledge and experience to understand when a threat is truly significant so that you are not inundated with unnecessary false-positive alerts.

“SOC-as-a-service is an ongoing relationship, an extension of your own internal IT team, that can help you tighten your security ship in a reliable and affordable way,” he said. “With a threat landscape that continues to evolve, it’s not a matter of if, but when you’ll encounter a cyberattack. SOC-as-a-service allows healthcare organizations a way to refine their security posture so they are ready for to effectively deal with whatever comes their way.”

To learn more about SOC-as-a-service and how it can help protect your healthcare organization from cyberattacks, visit Arctic Wolf.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.