St John Ambulance NSW is using a Microsoft Sentinel-powered managed detection and response service to boost the security of its cloud-based environment.

The first aid charity procured the service through Macquarie Cloud Services, which it has also asked to supply a threat intelligence platform and cyber training for staff and volunteers.
CIO Peter Bouhalis said that investing in automated defences against attacks on the healthcare sector, and in cyber security training, was imperative.
“It is difficult for small organisations to hire their own cyber security personnel,” Bouhalis said in a statement.
St John Ambulance NSW collects and holds a wealth of patient data, making it a potential target.
Moreover, St John NSW’s volunteers have to rapidly update and exchange patient information in real-time when responding to emergencies.
Bouhalis said Macquarie Cloud Services, which holds Azure-only Expert MSP status, was tapped to build a threat intelligence platform that ingests more than 40 of St John’s NSW’s data sources, reducing manual monitoring and other security tasks.
Microsoft Sentinel provides security information and event management (SIEM) and security orchestration, automation, and response (SOAR) capabilities.
It also includes Azure Monitor’s tamper-proofing and immutability practices for data handling.
Bouhalis said that as well as supporting St John NSW to train its staff and volunteers to handle patcient data securely, “Macquarie helped us introduce tailored conditional access policies” to strengthen compliant and safe practices and reduce dependence on manual operations.