Expel MDR allows Dayton Children’s Hospital to strengthen security and reduce risks in patient care

Dayton Children’s Hospital is a not-for-profit pediatric health care provider serving a 20-county area across Ohio and Indiana. With a team of 4,200 employees and an annual revenue of approximately $750 million, Dayton Children’s provides comprehensive pediatric health services ranging from primary care to a Level 1 Trauma Center. As the only facility in the region dedicated exclusively to pediatric care, Dayton Children’s plays a critical role in addressing the health, safety, and medical needs of children and families across its multi-state service area.

To protect vital patient data, Dayton Children’s needed to have a robust cybersecurity practice to defend against threats to hospital systems. The hospital’s security team faced a high volume of data and alerts from their complex cybersecurity tech stack. Analyzing false positives meant they were constantly putting out small fires instead of addressing opportunities to improve the hospital’s security posture.

“Robust cybersecurity measures are essential not only for protecting our hospital but also for maintaining the overall integrity of the health care system. . . By ensuring the security of patient data, we contribute to a safer and more reliable health care environment for everyone.”

The flood of security data created a greater potential for threats to slip through undetected. For health care providers, security breaches can pose severe risks to patient care, privacy, and operational continuity. System compromises or downtime can directly threaten the hospital’s ability to deliver timely, effective treatments to children in need.

“Robust cybersecurity measures are essential not only for protecting our hospital but also for maintaining the overall integrity of the health care system. Cybersecurity directly impacts our ability to provide lifesaving services. If we can’t protect patient information, we face fines, lawsuits, and a critical loss of trust,” says Nick Schopperth, CISO, Dayton Children’s Hospital. “By ensuring the security of patient data, we contribute to a safer and more reliable health care environment for everyone.”

What impressed us with Expel was its compatibility with our existing technology. Other vendors wanted us to change our tech stack or retool our systems. Expel works with our current setup and builds APIs compatible with commonly used software.

Recognizing the need for a more scalable cybersecurity approach, Dayton Children’s initiated a thorough evaluation of managed detection and response (MDR) providers. The hospital sought a partner who could deliver 24×7 monitoring, filter out false-positive alerts, and scale to match their security needs without straining the budget. Dayton Children’s needed a solution that would integrate with, rather than replace, their existing systems and could be managed more efficiently with existing staff. Additionally, the new solution needed to provide comprehensive coverage of their full attack surface, rapid response capabilities, and support for future technology migrations to ensure long-term scalability.

“We used Gartner resources, peer insights, and reference calls to evaluate potential partners,” says J.D. Whitlock, CIO, Dayton Children’s Hospital. “Technical architecture was a key consideration. What impressed us with Expel was its compatibility with our existing technology. Other vendors wanted us to change our tech stack or retool our systems. Expel works with our current setup and builds APIs compatible with commonly used software.”

After comparing various solutions, Dayton Children’s selected Expel for managed detection and response (MDR). The solution seamlessly integrated with the hospital’s existing security infrastructure, including Cisco and Microsoft tools, without requiring a complete system overhaul.

Expel completed the implementation efficiently, minimizing disruptions to critical operations. “The onboarding was surprisingly smooth and quick,” says Mike Brady, Cybersecurity Supervisor, Dayton Children’s Hospital. “We approached it in two stages, which worked well. It’s mainly knowing what you want in the system and what to look for, with the flexibility to add more later.”

The Expel MDR solution improved overall efficiency at Dayton Children’s. “We went from 4 to 6-hour recovery times to 15 minutes,” says Schopperth.

This rapid response enhanced security and minimized disruptions to patient care. Automated alert triage and investigation freed the security team to focus on strategic initiatives. “Expel improves our efficiency because we’re not chasing fires,” says Colin Metzler, Senior Cybersecurity Analyst, Dayton Children’s Hospital. “We handle alerts quickly so we can maintain our focus on long-term projects.”

Expel Workbench™ provides comprehensive visibility, enabling more informed decisions on security posture and resource allocation. This data-driven approach extends beyond security operations, influencing broader IT strategy and aspects of patient care delivery. “We have a strong dashboard for monitoring. If things get out of line or something hiccups, we can see and diagnose the spread,” says Brady.

The hospital uses its improved visibility and data analysis capability to identify trends, anticipate potential issues, and make proactive decisions to improve both security and operational efficiency. Dayton Children’s immediately recognized the value of this capability. “One of the biggest things I worried about at night was the stuff that we couldn’t see,” Brady adds. “So right away we saw all the information that we were getting before, in a view that was sustainable and one that we could interpret quickly and appropriately. I’m not worried anymore.”

Expel MDR provides comprehensive visibility across the environment, from endpoints and networks to cloud services and identity management. “It’s like going from looking through a keyhole to having a panoramic view,” says Metzler. This enhanced visibility helps identify and mitigate vulnerabilities and gaps before exploitation, reducing the risk of data breaches and ransomware attacks.

Data insights from Expel help the hospital optimize its security investments. By understanding which tools and strategies work most effectively in their specific environment, the hospital can allocate resources more efficiently, ensuring maximum return.

Expel’s approach allows us to meet strict regulatory requirements without compromising our ability to provide timely care. Expel’s understanding of health care-specific threats has been crucial in enhancing our security posture and keeping patient data out of the hands of bad actors or anyone who shouldn’t have access to it.

Dayton Children’s prioritizes comprehensive data protection across all aspects of patient care. “We’re protecting information from a child’s first immunization all the way through to potentially sensitive long-term care data. Expel’s approach allows us to meet strict regulatory requirements without compromising our ability to provide timely care,” says Schopperth. “Expel’s understanding of health care-specific threats has been crucial in enhancing our security posture and keeping patient data out of the hands of bad actors or anyone who shouldn’t have access to it.”

Expel’s deep industry expertise plays a crucial role in protecting the complex technology ecosystem at Dayton Children’s. Beyond traditional IT systems, the hospital relies on a network of medical devices, IoT sensors, and specialized health care applications. Expel effectively addresses the challenge of securing this diverse and evolving environment.

This thorough approach helps the hospital meet stringent privacy and security requirements while reducing vulnerabilities across all parts of their network. “Expel’s coverage ensures we’re protecting not only our standard systems, but also the specialized equipment critical to patient care,” Schopperth says.

With Expel MDR in place, Dayton Children’s can focus on innovative health care initiatives and future growth. The enhanced security posture provides a robust foundation for exploring new technologies and expanding services. “As we look to integrate IoT for medical devices and expand our digital health offerings, our partnership with Expel gives us the confidence to innovate safely,” says Schopperth. “We know our patients’ data and critical systems are well-protected, allowing us to push the boundaries of what’s possible in pediatric care.”

This improved security infrastructure supports the organization’s future strategic initiatives, including expanding services and integrating AI-driven tools. The ability to innovate with confidence helps the hospital maintain its leadership in pediatric care, attract top talent, and provide innovative treatments to young patients.

The partnership between Dayton Children’s and Expel has transformed the hospital’s cybersecurity posture. Expel MDR has enhanced data protection and positioned the hospital to advance pediatric care. Improved efficiency, comprehensive visibility, and rapid response capabilities allow Dayton Children’s to focus on its core mission with robust cybersecurity support.

As Dayton Children’s Hospital looks to the future, its strengthened cybersecurity serves as a foundation for growth, innovation, and, ultimately, quality patient care. According to Schopperth, the hospital is now better equipped to face evolving health care challenges, ready to embrace new technologies while ensuring the utmost protection for patient data and trust.

Dayton Children’s Hospital, a leading pediatric care provider, faced critical cybersecurity challenges that had the potential to compromise patient data and disrupt vital care services. The hospital’s small in-house security team struggled with an overwhelming volume of alerts and sophisticated cyberattack threats. By implementing Expel’s Managed Detection and Response (MDR) solution, Dayton Children’s dramatically improved its security posture, slashing incident response times from hours to minutes. This strategic partnership not only enhanced the hospital’s ability to protect sensitive patient information but also empowered the organization to focus on innovative health care initiatives. The success of this implementation positioned Dayton Children’s at the forefront of pediatric care, successfully balancing cutting-edge medical innovations with robust data protection. The hospital now confidently pursues digital health advancements, knowing its critical systems and patient data remain secure.

• Reduced incident response time from 4-6 hours to approximately 15 minutes
• Gained comprehensive visibility across the entire IT environment, including endpoints, network, cloud, and identity management
• Strengthened compliance with health care industry regulatory requirements
• Improved efficiency of the in-house security team, allowing them to focus on strategic initiatives
• Enhanced protection of sensitive patient data throughout its lifecycle, from first immunizations to long-term care information
• Increased confidence in pursuing innovative health care initiatives and expanding digital health offerings
• Achieved cost avoidance by expanding security capabilities without hiring additional full-time staff
• Improved data-driven decision-making about security posture and resource allocation
• Enhanced organizational readiness to face evolving cybersecurity challenges in the health care industry