Tu Ora Compass Health has teamed up with CyberTeam to establish a thorough threat-informed defence strategy. By conducting quarterly threat assessments and implementing focused security enhancements, Tu Ora has successfully evolved their security stance to proactively address new threats in the healthcare sector.
The Obstacle
Healthcare organisations are navigating a constantly changing environment of cyber threats, ranging from advanced phishing schemes to vulnerabilities in the supply chain. Tu Ora required a forward-thinking strategy to: - Safeguard sensitive patient information against new threats
- Protect the healthcare sector from specific attacks
- Oversee risks associated with supply chain security
- Tackle issues related to insider threats
- Ensure adherence to healthcare security regulations
Our Method
- Quarterly Threat Assessments We set up a quarterly routine for evaluating threats that centres on: - Analysing risks within the global healthcare sector
- Analysis of incident data and patterns of attacks
- Assessing existing security measures - Recognising new potential threats
- Focused Control Execution Following our assessment findings, we focused on and put into action targeted controls:
- Enhanced detection and prevention of phishing threats
- Framework for managing supply chain risks - Capabilities for monitoring insider threats
- Components of zero-trust architecture
- Ongoing Enhancement Process Every quarter concentrated on particular threat zones:
- Question 1: Insider threat prevention - Question 2: Supply chain security controls - Question 3: Phishing and social engineering defences
- Q4: Safeguarding against advanced persistent threats (APTs)
Quantifiable Effect Improvements in Compliance with HISF; A notable increase in maturity with reference to the fundamental HISF criteria Improved response to issues; improved access management policies; and strengthened protections for patient data Supply Chain Security; A notable increase in awareness of supply chain security The creation of a methodology for evaluating the security of vendors Continuous third-party entity monitoring capabilities; regular vendor security assessments and improvements Phishing Defence & Training; Additional training needs were identified by the results of phishing simulations. Implementing targeted campaigns to raise user awareness; strengthening email security protocols; and improving mechanisms for reporting questionable emails Improvements to conditional access restrictions, Microsoft 365, and Entra ID; better identity and access management; improved security monitoring and notifications; and increased interoperability with existing security measures
Testimonial
"CyberTeam's threat-informed approach has significantly enhanced our security stance." Their regular evaluations and focused enhancements allowed us to remain proactive against new challenges, all while keeping our commitment to patient care at the forefront. The enhancements in HISF compliance, supply chain visibility, and our Microsoft environment have instilled confidence in our capacity to identify and react to advanced threats.
- Chief Information Security Officer, Tu Ora Compass Health