FireEye[NASDAQ: FEYE]: Reimagining Healthcare Cybersecurity

FireEye[NASDAQ: FEYE]: Reimagining Healthcare Cybersecurity

Kevin Mandia, CEO, FireEye[NASDAQ: FEYE]Kevin Mandia, CEO, FireEye[NASDAQ: FEYE] As the healthcare industry continues to offer life-critical services and treatment with new-age technologies, the frequency and intensity of cyber attacks have also increased in the recent years. A myriad of cybersecurity-related issues has plagued the industry. These attacks range from malware to distributed denial of service (DDoS) attacks, which can paralyze the whole system. Though every industry faces some security challenges, healthcare sector deals with comparatively more because patient records and research assets are more critical than any other data and its value is much higher in the black market. Especially, social security number and medical records have a long shelf life for fraud than hacking of any other personal information. Also, the healthcare industry is more vulnerable than other sectors because networks in the system are increasingly interconnected–between doctors’ offices, hospitals, insurance companies, contract workers, suppliers, and other entities. The interconnectivity increases the industry’s exposure to breaches through lost or stolen devices. According to a Vectra Networks Study 2017, 164 threats have been detected per 1,000 host devices in the healthcare industry.

To counter today’s threats, healthcare institutions need to enhance and accelerate their efforts to protect their data and systems. FireEye is reimagining cybersecurity by going beyond signature-based security and offering help in detecting advanced and rare attacks. The firm believes that the hands-on front-line expertise and knowledge along with innovative technology gives the best protection that the today’s healthcare clients need. “Our mission here is simple: to relentlessly protect our customers with innovation and expertise learned on the front lines. We can make this happen because I believe we know more about the bad guys in cyber space than anyone in the private sector; our customers will always benefit from this knowledge – with simplicity and speed,” states Kevin Mandia, CEO and Board Director of FireEye.

Dynamic Solutions to Protect Data and Critical Information

FireEye’s security solutions defend against multi-vector attacks that generally bypass traditional security tools. The firm’s Threat Analytics is a next-generation security information and event management (SIEM) solution that offers enterprise-wide visibility and behavioral analytics to safeguard cyber attacks. To optimize detection and response to the alerts that matter, Threat Analytics applies expert rules, threat intelligence, and advanced security data analytics. The key advantages of the solutions are it improves detection by performing non-malware based detection and user and entity behavioral analytics; accelerates investigation, and simplifies analysis.

Using FireEye’s frontline intelligence and expertise, healthcare institutions can discover hidden threats. The firm’s Managed Defense (earlier called FireEye as a Service)–a managed detection and response service that combines technology, intelligence, and expertise– identifies threats early and reduce the consequences of a breach. The solution provides real-time visibility across the enterprise, including ICS and cloud infrastructure. Its key features include proactive hunting, rapid response, campaign response, remediation recommendations, access to intelligence and expertise, incident scoping, and global scale.

Winning the 2018 SC Awards Europe for Best Email Security Solution demonstrates FireEye focus on innovation and our continued commitment to solving our customers’ biggest challenges

Believing that technology alone cannot fight cyber attacks, FireEye also provides consulting services that can help healthcare organizations in overcoming security challenges. Mandiant Consulting Services offers expertise to fight evil, respond to cyber incidents with speed, and empower its clients to protect what matters most. Mandiant Consulting’s solution-focused approach enables organizations to address their immediate security concerns and helps them in better defend against attacks. Powered by its uniquely qualified experts, FireEye services can quickly determine if the environment has been compromised, or the security team is ready to prevent any attack. It also evaluates the effectiveness of the client’s security program and operations and provides the team with the in-depth training necessary to respond to any attack.

"Our mission here is simple: to relentlessly protect our customers with innovation and expertise learned on the front lines.."

Security Experts in Action

With the ever-increasing threat, the healthcare organizations are extra-conscious about their data. The attackers are highly sophisticated these days, and their tactics and procedures are also continually evolving. In one such instance, Penn State Health Milton S. Hershey Medical Center, a preeminent academic medical center, was facing a critical security issue after it was found that 83 million malicious attempts were made within the ten-month period to penetrate its infrastructure. “These were not just run-of-the-mill scanning attempts; these were attacks where someone was attempting a specific threat action,” remarks Matthew Snyder, CISO at Hershey Medical Center. “A single data compromise can negate the work that a researcher has performed over a 20-to-30 year span. This is just one of a multitude of reasons why cybersecurity is a mission-critical imperative for us.”

To deal with the crisis, Hershey approached FireEye, which passed the medical center’s testing process with the highest scores related to performance. An integrated set of solutions from FireEye – FireEye Network Security (NX), FireEye Email Security (EX), FireEye Endpoint Security (HX), FireEye Central Management (CM), and FireEye as a Service (FaaS) – were deployed inside the Hersey’s system.

HX did not merely tell the client what just occurred, but it also promptly showed what happened immediately before and after an attack, giving valuable intelligence and context to each alert. Besides, FaaS acted as an extension to Hershey’s security team. “We did not want to end up with a managed security service provider that would throw alerts at us; we chose FireEye because it provides quality reporting as well as high-fidelity detection, investigation, and hunting. The FireEye experts augment and complement our in-house capabilities, and keep watch during our off-line hours,” comments Snyder.

Road Ahead

After announcing financial results for the second quarter in June, Mandia mentions that the sales growth in the second quarter was broad-based across all geographies and product families. He also states that the demand for FireEye’s products and services is escalating, so the company is going to leverage its unique innovation cycle to quickly adapt its products with knowledge gained on the front lines of combating cyber attacks. “The most recent example of our innovation cycle in action is our advanced machine learning-based detection engine, MalwareGuard. MalwareGuard is designed to provide superior signature-less detection of malware to protect our customers better. MalwareGuard is included with our cloud and on-premise Endpoint Security products, and we have plans to extend these models to our Email Security and Network Security products,” adds Mandia.

The intelligence-led security firm has also recently partnered with Gigamon to improve security effectiveness and efficiency for joint customers. With the new development, both the companies have become strategic alliance partners and will together offer market-leading security solutions for network performance and security efficiency without compromising network uptime. FireEye aims to enable greater threat detection performance through increased visibility with SSL decryption and access to traffic across the physical, virtual, and infrastructure.

Not only this, but FireEye has also achieved many awards for its contribution in the security field. Founded in 2004, the company has achieved several milestones in such a short span of time and has an enviable number of clients. The firm has recently won the best email security solution at SC Awards Europe 2018. “Winning the 2018 SC Awards Europe for Best Email Security Solution demonstrates FireEye focus on innovation and our continued commitment to solving our customers’ biggest challenges,” proudly mentioned Jason Martin, FireEye executive vice president of engineering and security products at the award function. “The award shows that the community recognizes FireEye Email Security’s emergence as a leader in this area, with a solution that makes the most of our threat intelligence and security innovations to enable customers to detect and stop all types of advanced email-borne threats proactively.”

- Divya Kishore
    August 30, 2018