Case study

Kootenai Health

Healthcare data breaches are up 196% year-over-year.*

Kootenai Health serves patients 24×7×365 at their Idaho hospital and their clinics throughout the Inland Northwest and needed an around-the-clock security solution.

As Kootenai Health worked to expand its hospitals and clinics crossing three states, it also underwent a leadership change, bringing on a new Chief Information Officer (CIO). The new team quickly recognized the need to evolve the IT security posture across the organization.

IT Security Manager, Adam Holloway, knew his team of two couldn’t effectively monitor for threats and intrusions around-the-clock.

“We didn’t have the manpower or tools to keep visibility of our network 24×7,” he said. “We had a SIEM but that required more staff than we have.” Holloway and CIO, Ryan Smith, looked for a cybersecurity provider and evaluated them in three ways: capabilities, technology, and cost.

“When we got down to the final selection, I wanted to find someone who would be the best partner,” Smith said. “Everyone treats you really well before the contract is signed, but I get concerned about who will actually treat you well after the ink is dry. CI has become a great partner.”

We didn’t have the manpower or tools to keep visibility of our network 24×7. Adam Holloway, IT Security Manager, Kootenai Health

Critical Insight solved the problem

The team chose CI Security’s Critical Insight Managed Detection and Response after becoming convinced it checked all the boxes for capability, technology, cost, and partnership.

When Kootenai Health installed MDR and began tuning it with the CI Security team, Smith and Holloway saw the value immediately. Holloway remembers, “We finally had insight into our network traffic. CI Security was able to detect things we didn’t know about. We were then able to remediate. It was a great help to us.”

Smith was able to go to Kootenai Health’s CEO with the good news, noting, “I brought the fixes we made and he was very positive.”

Kootenai also wanted someone with more technical expertise to handle vulnerability scanning, something CI Security now handles with Continuous Vulnerability Identification (CVI).

Today, CI Security monitors all of Kootenai’s hospitals and clinics 24×7×365.

In one month, Critical Insight Security Analysts conducted more than 700 thorough investigations, eliminating most of the alerts as false-positives and only contacting Kootenai when needed to verify there were no serious issues.