Birmingham’s Community Healthcare NHS Trust (BCHC) has invested in a full suite of cyber security services to keep its patients’ data and personal details safe from any would-be cyber-attacks, criminals and hackers.
BCHC provides over 100 community-based clinical and specialist services, via community hospitals, health centres, clinics, community centres, schools, care homes and dentists, to patients living in and around Birmingham.
With thousands of employees working in over one hundred sites, BCHC’s previous IT landscape made cyber security difficult to implement effectively for the disparate workforce, using the Trust’s own internal, stretched resources alone. As each NHS Trust’s security responsibility is theirs alone, BCHC recognised its need for additional security, which would offer value for money and not exceed public sector budgetary constraints.
Kidderminster-based CyberGuard Technologies is one regional IT security services provider that has taken responsibility for ensuring NHS Trusts like BCHC are kept safe from would-be attackers.
BCHC’s Head of IT, Gerard Kilgallon: “The Trust’s IT team has an unwavering priority to deliver IT services that enable its clinicians to provide patient care, meaning cyber security was being reluctantly de-prioritised across the Trust. This sizeable challenge was in the shadow of the infamous WannaCry ransomware attack that brought other NHS Trusts across the UK to a standstill in 2017. Ever since there’s been widespread acknowledgement that the NHS was suffering something of a cyber security crisis, being at serious risk of another attack.”
Initially Gerard planned to recruit his own cyber specialists but it quickly became apparent that employing a knowledgeable cyber security team would be a challenge in itself. Due to a skills shortage in the UK, salaries for efficient security experts are currently beyond BCHC’s recruitment budget.
CyberGuard spent time assessing BCHC’s security requirements via an audit and running a ‘proof of concept’ for the Trust for a number of weeks, which allowed the Trust to see CyberGuard Technologies’ security service and teams in action and was integrated into the NHS’ complex infrastructure to ensure visibility. CyberGuard also set up a Critical Incident Response Service to proactively protect the Trust’s systems and date, which saw CyberGuard’s Security Operations Centre (SOC) investigate, react to and remediate any threats at source.
Soon after, BCHC expanded CyberGuard Technologies’ scope with the implementation of its SIEM solution (Security Information & Event Management) to transform the communication between all of the Trust’s existing security products, which provided a clear picture of any threats to the Trust, along with possible attack vectors, so CyberGuard could escalate and respond to protect the strict patient data protocols and keep sensitive data safe.
Sean Tickle, Head of CyberGuard Technologies, concluded: “Taking our skills and expertise into the public sector has been thoroughly rewarding for CyberGuard, particularly at a time when the NHS has suffered unprecedented pressure due to the pandemic. The NHS is a precious public service and we’re proud to be working in partnership to keep BCHC’s network and highly sensitive data protected from cyber threats.”