Table of Contents
- Summary and Company Profile
- Lessons Learned
- About Joe Fay
1. Summary and Company Profile
Health providers are a prime target for cyberattacks, having stewardship of the most intimate personal data covering vast numbers of people. Yet, they are often underfunded when it comes to technology in general and security in particular, not least because their default is to spend resources on clinical systems. This report shows how one public health organization in the United States replaced its detection and response system in tandem with a shift to virtual desktop infrastructure (VDI).
Southern Nevada Health District is one of the largest local public health organizations in the U.S., covering almost three-quarters of the state’s population. Its remit includes providing community health services, such as emergency medical services and epidemiology, and clinical services, including immunization programs.
It chose Cortex XDR to replace its legacy incident detection and response provider. Cortex XDR aims to integrate network, endpoint, and cloud data, and subject it to analytics to detect threats, prevent attacks, uncover insider behavior, and empower investigations. Cortex XDR is part of Santa Clara, California-based cybersecurity company Palo Alto Networks.
- Licensing costs for Cortex XDR were 80% to 85% lower than Southern Nevada Health District’s previous detection and response platform. This is partly because the organization went all-in with security products from Palo Alto Networks.
- Cortex XDR worked much better with the VDI the health district was also implementing. The Cortex XDR image was integrated into its base VDI image, making for a more straightforward rollout.
- Tight integration with other Palo Alto Networks technology means the health organization’s network staff can now be more proactive in improving its security posture and its systems in general.
- While security response was previously an office-hours-only affair, the integration of Cortex XDR with a third-party managed detection response provider means the district now effectively has 24/7 coverage.