Our client

The business

  • Management of more than 35 markets for healthcare facilities
  • 1500 members
  • Cross-functional work in the IT and Telecoms fields


  • Designing a cybersecurity service designed for healthcare
  • Suggesting a suitable delivery method
  • Reconciling the expertise and proximity of a service provider with the best protection technologies

We have been protecting the healthcare sector, especially hospitals (CH), for years. When we met the French Hospital IT Purchasing Centre (CAIH), we recognised that their values aligned with our philosophy.

We decided to collaborate with them, with the aim of making the highest level of security affordable and accessible to all healthcare institutions.

The context

The CAIH (an association made under the French law of 1901) manages 37 businesses in the hospital IT field, specialised in many domains including: hardware, software, networks, security, cloud and services, etc. It serves various public health structures such as hospitals (CHs), regional university hospitals (CHRUs) and regional hospital groups (GHTs).

“For the CAIH, it was essential to offer our members a tailor-made service, serving their interests above all, to work together in making health establishments’ IS more secure. These shared values are the key to the success of the CAIH/Advens collaboration, to the benefit of members.”

Vincent Deleau • Director of Operations for the CAIH

A need for protection to support healthcare

Hospitals today need to constantly protect themselves from disruptions in the continuity of care. Under the auspices of the CAIH, the CISOs of healthcare institutions have designed an innovative and efficient service. The goal: to enable institutions that do not have enough resources to arm themselves against digital threats.

A service designed for healthcare providers

Comprehensive risk coverage

350,000 hospital staff benefit from protected digital services, within health structures of various types and sizes.

  • The Biomedicine Agency
  • Réunion Island Regional Health Agency (ARS)
  • Marseille Public University Hospital System (AP-HM), Lille regional university hospital, Lyon Civil Hospices (HCL), Rouen university hospital
  • Annecy hospital, Saint-Jean-d’Angély hospital, etc.
  • French National Authority for Health
  • Gustave Roussy Institute
  • Regional Digne-les-Bains hospital group (GHT04)
  • And others !

A 24/7 Security Service for health

This is not just a service, but a community for sharing expertise. We created it in order to permanently improve the prevention, detection and response to cyber threats services in the healthcare sector. A community that relies on the solid experience of the institutions’ CISOs and our expertise.


Provide continuous monitoring to prevent security incidents.
prevention, detection and response to attacks


All non-profit health structures on French territory.

institutions under surveillance and 25 being deployed

119 000
machines under surveillance


Real-time incident detection for a quick and effective response.

11 M
suspicious events per quarter

malicious transactions per quarter

Responding to challenges and issues

This project is part of the response to the second guideline of the French Government’s ‘Accelerating the eHealth shift’ roadmap. It has enabled the CAIH to step up the security of health information systems.

  • Include CISOs in a common strategy with an operated service and a community of users.
  • Support French innovation with the integration of a sovereign EDR (HarfangLab).
  • Accelerate the deployment of ‘turnkey’ operational security services.

The idea was then to allow work to continue and for there to be no impact on the management of care and on the overall care of patients.

Cyber crises do systematically come with business disruptions, such as loss of time, resorting to using paper, communication problems, etc., which represent a certain cost.All the more so since the attacked system has to be rebuilt and the loss of earnings compensated. Not to mention the cost of the ransom that institutions are forced to pay to access their systems!

The results

The service has been gradually rolled out since March 2020. It now covers more than 120,000 workstations and servers. The institutions that have deployed it following the recommendations have not yet experienced any successful attacks or crises related to ransomware.

“Through its understanding of the issues and needs on the ground, Advens was able to meet a strong demand for an endpoint protection service (EDR). The CAIH, proud to have received the ANS Cybersecurity Talents De La E-santé Award, is therefore providing, with the help of its partner Advens, a shared and scalable 24/7 managed service for its members.”

Régis Kaminski • CAIH Buyer