Birmingham NHS Trust bolsters cyber security to protect patient data

A Birmingham trust has invested in a full suite of cyber security services from CyberGuard to keep patient data safe.

Birmingham’s Community Healthcare NHS Trust (BCHC) provides clinical and specialist services from over 100 community sites and, with a workforce running in to the thousands, the disparate trust’s previous IT services were making it difficult to implement enhanced cyber security measures.

BCHC’s head of IT, Gerard Kilgallon, said: “The trust’s IT team has an unwavering priority to deliver IT services that enable its clinicians to provide patient care, meaning cyber security was being reluctantly de-prioritised across the trust.

“This sizeable challenge was in the shadow of the infamous WannaCry ransomware attack that brought other NHS trusts across the UK to a standstill in 2017. Ever since there’s been widespread acknowledgement that the NHS was suffering something of a cyber security crisis, being at serious risk of another attack.”

It quickly became apparent that the trust’s already stretched resources could not support a new team of cyber specialists, so instead they turned to CyberGuard.

The IT company audited BCHC’s security requirements and ran a ‘proof of concept’ for the trust so it could demonstrate how its technologies and team would work. Then CyberGuard set up a Critical Incident Response Service to proactively protect the trust’s systems.

CyberGuard’s scope was further expanded when it implemented its SIEM (Security Information & Event Management) solution to better manage the communication between the trust’s existing security products. This gave CyberGuard full knowledge of any known threats to the trust, along with possible attack vectors, so that it could escalate and respond to protect strict patient data protocols.

Sean Tickle, head of CyberGuard Technologies, said: “Taking our skills and expertise into the public sector has been thoroughly rewarding for CyberGuard, particularly at a time when the NHS has suffered unprecedented pressure due to the pandemic. The NHS is a precious public service and we’re proud to be working in partnership to keep BCHC’s network and highly sensitive data protected from cyber threats.”

The WannaCry ransomware attack in 2017 was estimated to have cost the NHS £92m in both direct costs and lost output. The ransomware incident affected services at one-third of NHS trusts and approximately 8% of GP practices in England.

The Covid-19 pandemic once again put the NHS at high risk of cyber attacks, only this time it was better prepared. According to the National Cyber Security Centre it shared more than 160 ‘high-risk and critical vulnerabilities’ with NHS trusts between September 2019 and August 2020 to raise awareness of threats.