With the need for an internal security analyst, Heritage Lifecare faced an important choice: hire someone or outsource cybersecurity to a provider of around-the-clock managed security services. In selecting the latter option and placing its business with SSS IT Security Specialists, Heritage Lifecare today enjoys improved protection and better peace of mind, knowing that if an attack occurs at any time, it has a team of experts available for prevention and rapid remediation.

Heritage is one of New Zealand’s largest providers of Residential Aged Care services with 42 Care Homes and 20 Villages throughout the country providing retirement options and care for more than 2,800 residents through an overall staff complement of 2,900.

Situation

Heritage Lifecare GM Technology Glen Wilson says the organisation was a relatively early adopter of cloud and software as a service technology, eliminating just about all its on-premises equipment bar the wireless network. “That does simplify things a bit, but in terms of cybersecurity the challenge is still there. Everyone has concerns about getting hacked.”
And so they should, he adds, as there is no shortage of ‘horror stories’ of businesses and organisations of every kind falling victim to scammers, hackers, data leaks, ransomware, and multiple other breaches and incidents. “We’d done a fair job of it internally, but it was time for reflection on how best we might move forward.”
Wilson says cybercriminals don’t keep office hours like an FTE does. “We were aware that most positions are a classic 9 to 5 role, and that cybercrime isn’t. That potentially left us exposed if, say, an attack or incident rolled in at 2am on a Saturday.”

Solution

With some prior experience of SSS from earlier in his career and having procured software more recently in ‘a purely commercial transaction’, Wilson knew exactly where to look for the necessary support. “After raising the topic of what SSS could do for us, the decision was made to go with them and enjoy access to the scale of a team providing 24/7 services,” he confirms.

Initially, Heritage signed up with SSS’ managed SOC service, Managed Detection and Response Service (MDRS), and Advanced Phishing Triage Service (APTS). 

MDRS addresses various threats and abnormalities with a combination of information and event logging, network-based intrusion detection and incident response and remediation services, preventing attacks and remediating any issues identified in the cyber environment.

APTS combines automation with real-time threat intelligence, analysing and responding to user-submitted suspicious e-mail samples.

Wilson says MDRS is largely the replacement for the internal resource and proactively keeps an eye on things. “APTS took some time to get the configuration right in terms of separating out false positives from real scams, and it remains a ‘work in progress’. SSS took on our feedback and put in extra effort which means now we’re glad to have it, and in fact the process of getting it right has demonstrated how good SSS is to deal with, and how responsive they are.  There is a difficult balance to achieve where potential threats are dealt with appropriately without a deluge of false positives that impact on the credibility of the service.  It takes time and tuning to get this right, which continues to happen.”

These engagements were received positively, and it has led to further engagement including the introduction of SSS’ email reputation service (ERS) targeting one of Wilson’s main concerns. “It doesn’t matter how secure your systems are, social engineering means a hacker could get hold of someone’s perfectly valid credentials through phishing or spoofing,” he explains. “Many of our staff are carers, nurses and those with clinical backgrounds. They are busy caring for people – so, while we actively train and educate, this remains a risk area, as it does in most organisations.”

ERS removes many of the attack vectors used by malicious actors as a fully managed service and effective email validation service continually monitoring email reputation, delivery performance, and compliance.

Heritage is now treating SSS as their outsourced security team and has had presentations to the Heritage Senior Leadership Team from SSS’ CEO and has also run attack simulations using SSS’ Governance Risk & Compliance (GRC) team. Wilson describes this as an ideal opportunity to get real with cybersecurity. “Our exec team already takes security very seriously, and this exercise managed to highlight the risks further as a series of compounding events unfolded over a half-day simulation.  This gave us all a better understanding of how to react most effectively.

“This Incident Response Exercise was instructive as it shows what can go wrong and how dependent we are on our systems.  That raises awareness to a suitable level and can help with the allocation of funding for security initiatives.

Results

Overall, Wilson says his experiences with SSS have gone well, and the company is positive about the partnership. “Security is very much a game of whack-a-mole where you must try to protect against everything while the hacker only focuses on the one thing that might get them through. At the same time, when people are tired and stressed, we sometimes do silly things – we all do it – and that can lead to a compromise.”

Having SSS in his and Heritage Lifecare’s corner, he continues, provides added confidence that there is proactive protection as well as access to immediate and detailed response and remediation from a full team rather than a single individual.

Finally, he says that peace of mind comes at a comparable cost to internal resourcing with the additional benefits of greater coverage and access to a broader talent pool of security specialists. “Security isn’t our core business, caring for people is. With smarter and more in touch people at SSS looking after our security, the simple advantage is that we benefit.”