Archive for February, 2019

New York-Presbyterian and Splunk to Implement New Approach to Guard Against Misuse of Controlled Substances, Including Opioids Misuse

Splunk Helps One of the Nation’s Leading Hospital Systems Fight Prescription Fraud

SAN FRANCISCO – February 6, 2019 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, and NewYork-Presbyterian, one of the nation’s most comprehensive academic healthcare delivery systems, are collaborating to help solve one of the toughest challenges in healthcare. NewYork-Presbyterian and Splunk are working together to develop new data analytics tools that prevent the potential diversion of controlled substances, including opioids.

“At a time when overdose deaths are at crisis levels across the country and in New York City, largely due to the opioid epidemic, healthcare providers have a responsibility to safeguard against any potential diversion of drugs,” said Jennings Aske, senior vice president and chief information security officer at NewYork-Presbyterian. “NewYork-Presbyterian is taking a leading role in protecting the public by implementing highly effective controls to avoid the illegitimate use of controlled substances. Ultimately, we hope that other hospitals benefit from this new platform as well.”

NewYork-Presbyterian approached Splunk to develop the controlled substance monitoring platform, while also enhancing patient privacy, because of its products’ unique ability to synthesize big data analytics with a massive volume and a variety of data from hundreds of clinical applications, systems and data sources. NewYork-Presbyterian, which currently uses Splunk® Enterprise and Splunk Enterprise Security to monitor IT security operations, recognized that the same principles could be used to build a platform to more closely safeguard controlled substances and other medications, and ultimately benefit the greater healthcare community as a public good.

The enhanced Splunk controlled substance monitoring platform, which will be implemented in Q2 of 2019, will enable NewYork-Presbyterian to track data from electronic health records (EHRs), Electronic Prescription of Controlled Substances (EPCS) platforms, pharmacy dispensing systems and other sources, delivering insights to guard against the diversion of these medications. With the enhanced system, NewYork-Presbyterian will be able to see if drugs are being diverted for potentially illegitimate purposes. For example, the Splunk platform will immediately alert NewYork-Presbyterian if a physician were to prescribe a controlled substance to a patient not currently in the care of the hospital, or if a pharmacy technician were to use an automated dispensary cabinet more often than his or her peers. In addition, the platform will be used to safeguard against the diversion of other high-cost medications, such as certain anti-cancer drugs that can be priced at tens of thousands of dollars per month.

NewYork-Presbyterian and Splunk also are developing an enhanced data analytics tool to expand proactive security measures to protect patient privacy and investigate unauthorized access to electronic patient records from internal and external sources. NewYork-Presbyterian currently has an established and robust set of policies, protocols and system controls to protect patient information. The enhanced Splunk privacy platform will add even more safeguards, including the ability to issue alerts in real time if someone were to inappropriately view patient records. The platform has a user-friendly dashboard so the hospital’s privacy officers can easily and quickly conduct an investigation.

“Splunk is excited to work with NewYork-Presbyterian as it leads the way in helping to fight the opioid crisis with data analytics,” said Haiyan Song, senior vice president and general manager of security markets at Splunk. “In addition, we are thrilled to work with the hospital system to help it identify and respond swiftly to potential misuse of patient data. Ultimately, this will enhance NewYork-Presbyterian’s capabilities to protect their patients and provide the best possible care.”

“We are pleased to collaborate with Splunk so that NewYork-Presbyterian is among the most secure hospital systems in the nation,” Aske said. “In addition to delivering the highest quality care, we are committed to keeping our patient information private and secure. NewYork-Presbyterian is at the forefront of using advanced technology to protect our patients and provide innovative, compassionate care.”

Sandia National Laboratories Tracks Hackers and Reverses the Cost of Cyber Crime with Data-Driven Cyber Defense Platform

Supported by Splunk, The HADES Program Captures, Monitors and Analyzes Threats by Taking Action on Data

SAN FRANCISCO – February 20, 2019 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, and Sandia National Laboratories, a national security lab of the U.S. Department of Energy’s National Nuclear Security Administration (NNSA), are changing the dynamics of cyber warfare by automating threat detection and response. In this case, the Sandia detective work is done in conjunction with the underlying support structure provided by Splunk.

Sandia has launched the High-Fidelity Adaptive Deception & Emulation System (HADES) program, which routes detected threats into a virtual environment designed to emulate real-life networks. HADES enables security analysts to profile adversary movements and automate responses at machine speed, ultimately allowing Sandia to anticipate adversary tactics, better protect networks and save time and money.

As a federally-funded, multi-mission U.S. National Nuclear Security Administration research and development lab, Sandia develops, engineers and tests the non-nuclear components of nuclear weapons, making it a high-value target for cyber adversaries. HADES diverts adversaries with continuously changing targets while offering defenders an undetectable view of attacker movements. Splunk® Enterprise software takes quick action on their data by identifying and analyzing criminal behavior to activate countermeasures with confidence.

“The combined power of HADES using the Splunk Enterprise system enables analysts to run real-time cyber operations that protect our operational networks, while gaining information about the adversaries attempting to penetrate programs,” said Vincent Urias, Distinguished Member of the Technical Staff at Sandia National Laboratories. “As they move about, attackers leave breadcrumbs revealing their steps and the tactics, techniques and procedures that are valuable to prevent future attacks. This one-of-a-kind program can be a model for federal agencies who are struggling to attack and respond to cyber threats at machine speed.”

HADES maps relationships between all relevant parts of an IT ecosystem. With high-precision timestamps, Sandia can sift through data from any source to understand what adversaries are doing, then funnel that intelligence to defenders in real, operational networks. As a result, HADES can deceive, interact with and analyze adversaries in real-time.

“Sending adversaries on the cyber equivalent of a wild goose chase forces bad actors to waste money, time and resources, making cybercriminals incur sunk costs similar to those traditionally experienced only by the defender,” said Frank Dimina, vice president of public sector at Splunk. “Splunk is proud to work with dozens of federal and civilian agencies such as Sandia to tackle their toughest IT, security and IoT challenges head on with data.”

To date, HADES has used Splunk to help Sandia close the threat intelligence gap, as the information gained from HADES is already being redeployed to bolster national security and protection of federal networks.

HADES has garnered acclaim for its highly impactful and important work. Most recently, it was recognized with a Government Innovation Award alongside other celebrated public sector IT disruptors, innovators and emerging leaders.

For more information on how Sandia is using the Splunk platform to redefine real-time cyber defense strategies, visit the Splunk website.