U.S. medical university

Challenges

Difficulty identifying potential exposure in the event of cyber breaches
Rising risk of critical health information being ransomed or exfiltrated
Slower than ideal response times

Results

Defeated potential cyber attacks before critical damage could be done
Protected the university from costly data loss
Accelerated response times and allowed remote investigations

Story

Healthcare, government and educational institutions have become popular targets of cybercrimes, such as ransomware attacks. Ransomware infiltrates a network and encrypts critical files. Attackers then demand a ransom payment to restore access to the data, averaging $812,000 per incident in 2021. Patient data makes a valuable hostage, so healthcare organizations are frequently targeted.

With OpenText MxDR, everything is in the cloud, so it was seamless and efficient for us to use the service. The entire process—the forensic collection and analysis, determining the root cause of a breach and receiving the report—happens rapidly.

Spokesperson
U.S. medical university

Advanced threat detection and analytics

After the high-profile cyberattack on SolarWinds became public, the IT team for this leading U.S. medical university raced to determine whether it had been exposed to the threat. The university had already been working with OpenText to update its risk and compliance policies, so it reengaged its trusted partner to help assess its exposure to the SolarWinds malware threat.

OpenText Security Services combines extensive experience with leading technologies to offer clients coverage, such as threat hunting, digital forensics, incident response, risk and compliance and managed security services. By performing a threat hunt on the university’s systems, OpenText and the university quickly identified and addressed security exposures.

Following the swift remediation of its vulnerabilities, the university took the proactive step of adding an extra layer of security with OpenText™ Managed Extended Detection and Response (MxDR) for continuous systems monitoring. The MxDR service is built on a fully remote, cloud-based virtual security operations center (SOC) supported by machine learning and MITRE ATT&CK® framework behavior-based detection rules (TTPs).

The university now benefits from intelligence-based detection of the latest threats, delivering mean-time-to-detection (MTTD) measured in minutes and a 99 percent detection rate. When needed, the university can call on OpenText MxDR experts to conduct in-depth investigations to identify the root cause, impact to the organization and intent of breaches, ensuring the fastest path to remediation.

A few weeks after implementation, another malware threat surfaced that put the university’s new defenses to the test. Using the OpenText™ EnCase™ Forensic solution to take a forensic image of the affected machine, the OpenText Security Services performed forensic analysis and provided a full incident response service.

A spokesperson for the university said, “Within a matter of hours, OpenText Security Services identified all the actions that the threat actor had run on the system, detected all the malicious content and provided a full scope of the sequence of events that occurred on the system.”

Within a matter of hours, OpenText Security Services identified all the actions that the threat actor had run on the system, detected all the malicious content and provided a full scope of the sequence of events that occurred on the system.

Spokesperson
U.S. medical university

Detection of threats within minutes

Speed is key when it comes to detecting a cyber breach and preventing further compromise of systems and data. The MxDR service augments the university’s IT team with extensive experience in breach-response investigations and malware analysis, leading to faster, proactive identification and risk remediation. In addition, OpenText cloud-based solutions permit a fully remote service, one that was critical when on-site investigations were difficult during pandemic lockdowns.

“With OpenText MxDR, everything is in the cloud, so it was seamless and efficient for us to use the service. The entire process—the forensic collection and analysis, determining the root cause of a breach, and receiving the report—happens rapidly,” added the spokesperson.

An ounce of prevention

Thanks to its partnership with OpenText Security Services, the university is confident in its ability to quickly identify threats and address them before critical damage is done. By catching breaches early in the cyber kill chain, the university effectively reduces the risk of disruptive ransomware attacks that could jeopardize critical operations.

The spokesperson noted, “In recent threat incidents, OpenText MxDR experts were able to prove that the threat actors didn’t move laterally, did not exfiltrate any data and did not persist. This gave us peace of mind that our environment is secure.”

About U.S. medical university

Leading United States medical university guards against cyber threats with OpenText security solutions. University mitigates risk, defends against threats and accelerates response times with OpenText™ Managed Extended Detection and Response (MxDR).

FeaturedFeatured

Analytics CloudAnalytics Cloud

Analytics DatabaseAnalytics Database

Business Intelligence and ReportingBusiness Intelligence and Reporting

Data DiscoveryData Discovery

eDiscovery and InvestigationseDiscovery and Investigations

Legal Content and Knowledge ManagementLegal Content and Knowledge Management

Aviator Search

Business Network CloudBusiness Network Cloud

Supply Chain IntegrationSupply Chain Integration

B2B Integration ServicesB2B Integration Services

Ecosystem CollaborationEcosystem Collaboration

Business Network Aviator

Content CloudContent Cloud

Document ManagementDocument Management

AI Content ManagementAI Content Management

Business IntegrationsBusiness Integrations

Capture and Intelligent Document ProcessingCapture and Intelligent Document Processing

Information ArchivingInformation Archiving

Process AutomationProcess Automation

Information GovernanceInformation Governance

Content Aviator

Cybersecurity CloudCybersecurity Cloud

Application SecurityApplication Security

Identity and Access ManagementIdentity and Access Management

Data Privacy and ProtectionData Privacy and Protection

Digital Investigations and ForensicsDigital Investigations and Forensics

Threat IntelligenceThreat Intelligence

Threat Detection and ResponseThreat Detection and Response

Cybersecurity Aviator

DevOps CloudDevOps Cloud

DevOps PlatformDevOps Platform

PPM and Strategic Portfolio ManagementPPM and Strategic Portfolio Management

Quality ManagementQuality Management

Functional TestingFunctional Testing

Performance EngineeringPerformance Engineering

DevOps Aviator

Experience CloudExperience Cloud

Web and Brand ExperiencesWeb and Brand Experiences

MessagingMessaging

Customer Journey and DataCustomer Journey and Data

Media ManagementMedia Management

Contact Center AnalyticsContact Center Analytics

Experience Aviator

IT Operations CloudIT Operations Cloud

Service ManagementService Management

FinOpsFinOps

AIOps and ObservabilityAIOps and Observability

AutomationAutomation

Network ManagementNetwork Management

IT Operations Aviator

OpenText ThrustOpenText Thrust

Developer Cloud technical documentationDeveloper Cloud technical documentation

Aviator Thrust

PortfolioPortfolio

Data protection and endpoint backupData protection and endpoint backup

Endpoint management and mobile securityEndpoint management and mobile security

Hybrid work, email, and team collaborationHybrid work, email, and team collaboration

Archiving, eDiscovery, and data securityArchiving, eDiscovery, and data security

Information reimaginedInformation reimagined

Artificial IntelligenceArtificial Intelligence

IndustryIndustry

Enterprise ApplicationsEnterprise Applications

Your journey to successYour journey to success

Customer SupportCustomer Support

Customer Success ServicesCustomer Success Services

Strategy & Advisory ServicesStrategy & Advisory Services

Consulting ServicesConsulting Services

Learning ServicesLearning Services

Managed ServicesManaged Services

Find an OpenText PartnerFind an OpenText Partner

Find a Partner SolutionFind a Partner Solution

Grow as a PartnerGrow as a Partner

Become a Partner

Asset LibraryAsset Library

BlogsBlogs

EventsEvents

CommunitiesCommunities

Customer StoriesCustomer Stories

OpenText NavigatorOpenText Navigator

Featured

Analytics Cloud

Analytics Database

Business Intelligence and Reporting

Data Discovery

eDiscovery and Investigations

Legal Content and Knowledge Management

Business Network Cloud

Supply Chain Integration

B2B Integration Services

Ecosystem Collaboration

Content Cloud

Document Management

AI Content Management

Business Integrations

Capture and Intelligent Document Processing

Information Archiving

Process Automation

Information Governance

Cybersecurity Cloud

Application Security

Identity and Access Management

Data Privacy and Protection

Digital Investigations and Forensics

Threat Intelligence

Threat Detection and Response

DevOps Cloud

DevOps Platform

PPM and Strategic Portfolio Management

Quality Management

Functional Testing

Performance Engineering

Experience Cloud

Web and Brand Experiences

Messaging

Customer Journey and Data

Media Management

Contact Center Analytics

IT Operations Cloud

Service Management

FinOps

AIOps and Observability

Automation

Network Management

OpenText Thrust

Developer Cloud technical documentation

Portfolio

Data protection and endpoint backup

Endpoint management and mobile security

Hybrid work, email, and team collaboration

Archiving, eDiscovery, and data security

Information reimagined

Artificial Intelligence

Industry

Enterprise Applications

Your journey to success

Customer Support

Customer Success Services

Strategy & Advisory Services

Consulting Services

Learning Services

Managed Services

Find an OpenText Partner

Find a Partner Solution

Grow as a Partner

Asset Library

Blogs

Events

Communities

Customer Stories

OpenText Navigator