Customer stories

healthcare logoU.S. medical university

Leading United States medical university guards against cyber threats with OpenText security solutions. University mitigates risk, defends against threats and accelerates response times with OpenText™ Managed Extended Detection and Response (MxDR)

healthcare logo

Challenges

  • Difficulty identifying potential exposure in the event of cyber breaches
  • Rising risk of critical health information being ransomed or exfiltrated
  • Slower than ideal response times

Results

  • Defeated potential cyber attacks before critical damage could be done

  • Protected the university from costly data loss

  • Accelerated response times and allowed remote investigations

Story

Healthcare, government and educational institutions have become popular targets of cybercrimes, such as ransomware attacks. Ransomware infiltrates a network and encrypts critical files. Attackers then demand a ransom payment to restore access to the data, averaging $812,000 per incident in 2021. Patient data makes a valuable hostage, so healthcare organizations are frequently targeted.

medical professional using tablet

With OpenText MxDR, everything is in the cloud, so it was seamless and efficient for us to use the service. The entire process—the forensic collection and analysis, determining the root cause of a breach and receiving the report—happens rapidly.

Spokesperson
U.S. medical university

Advanced threat detection and analytics

After the high-profile cyberattack on SolarWinds became public, the IT team for this leading U.S. medical university raced to determine whether it had been exposed to the threat. The university had already been working with OpenText to update its risk and compliance policies, so it reengaged its trusted partner to help assess its exposure to the SolarWinds malware threat.

OpenText Security Services combines extensive experience with leading technologies to offer clients coverage, such as threat hunting, digital forensics, incident response, risk and compliance and managed security services. By performing a threat hunt on the university’s systems, OpenText and the university quickly identified and addressed security exposures.

Following the swift remediation of its vulnerabilities, the university took the proactive step of adding an extra layer of security with OpenText™ Managed Extended Detection and Response (MxDR) for continuous systems monitoring. The MxDR service is built on a fully remote, cloud-based virtual security operations center (SOC) supported by machine learning and MITRE ATT&CK® framework behavior-based detection rules (TTPs).

The university now benefits from intelligence-based detection of the latest threats, delivering mean-time-to-detection (MTTD) measured in minutes and a 99 percent detection rate. When needed, the university can call on OpenText MxDR experts to conduct in-depth investigations to identify the root cause, impact to the organization and intent of breaches, ensuring the fastest path to remediation.

A few weeks after implementation, another malware threat surfaced that put the university’s new defenses to the test. Using the OpenText™ EnCase™ Forensic solution to take a forensic image of the affected machine, the OpenText Security Services performed forensic analysis and provided a full incident response service.

A spokesperson for the university said, “Within a matter of hours, OpenText Security Services identified all the actions that the threat actor had run on the system, detected all the malicious content and provided a full scope of the sequence of events that occurred on the system.”

Within a matter of hours, OpenText Security Services identified all the actions that the threat actor had run on the system, detected all the malicious content and provided a full scope of the sequence of events that occurred on the system.

Spokesperson
U.S. medical university

Detection of threats within minutes

Speed is key when it comes to detecting a cyber breach and preventing further compromise of systems and data. The MxDR service augments the university’s IT team with extensive experience in breach-response investigations and malware analysis, leading to faster, proactive identification and risk remediation. In addition, OpenText cloud-based solutions permit a fully remote service, one that was critical when on-site investigations were difficult during pandemic lockdowns.

“With OpenText MxDR, everything is in the cloud, so it was seamless and efficient for us to use the service. The entire process—the forensic collection and analysis, determining the root cause of a breach, and receiving the report—happens rapidly,” added the spokesperson.

An ounce of prevention

Thanks to its partnership with OpenText Security Services, the university is confident in its ability to quickly identify threats and address them before critical damage is done. By catching breaches early in the cyber kill chain, the university effectively reduces the risk of disruptive ransomware attacks that could jeopardize critical operations.

The spokesperson noted, “In recent threat incidents, OpenText MxDR experts were able to prove that the threat actors didn’t move laterally, did not exfiltrate any data and did not persist. This gave us peace of mind that our environment is secure.”

About U.S. medical university

Leading United States medical university guards against cyber threats with OpenText security solutions. University mitigates risk, defends against threats and accelerates response times with OpenText™ Managed Extended Detection and Response (MxDR).