An NHS Foundation Trust has selected a new AI-powered cyberattack detection and threat hunting platform to prevent any future attacks as part of a digital transformation project.
Bolton NHS Foundation Trust was not affected by the WannaCry ransomware attack that affected other Trusts last year, but have selected the Cognito platform from Vectra to expose hidden attackers from inside its network. It uses artificial intelligence and always-learning threat behavior models to mitigate security risks that could impact clinical care, operations and patient safety.
The Trust is responsible for the provisioning of community health centres and clinics to more than 140,000 people in Bolton and the surrounding area northwest of Manchester, as well as district nursing and intermediate care and services at the Royal Bolton Hospital.
Brett Walmsley, chief technology offer at Bolton NHS Foundation Trust, said: “We are duty bound to protect our patient information. After WannaCry, security was on top of people’s minds. If someone is in your network, how would you know?
“Cognito filled a gap. We needed to know what we didn’t know, and Cognito showed us what was hidden. We have a strong security infrastructure, but there’s always ambiguity. With Cognito, we don’t have to worry about not knowing an attacker is in our network.”
The highest-risk threats are automatically prioritised and triaged by Cognito, enabling the cybersecurity team to stop advancing threats before key assets are damaged or stolen.
The Bolton NHS Trust supports a number of connected devices on its network, including patients and visitors using guest Wi-Fi for their personal devices, MRI systems and other medical devices, and Wi-Fi-enabled infusion pumps.
As a result, it needs a strong network security protections and simultaneously give the IT security team greater visibility into risks and potential attacks that were invisible before the Cognito platform was deployed.
Chris Morales, head of security analytics at Vectra said: “The healthcare industry is a treasure trove of highly sensitive and valuable data and, as has been seen by a number of high-profile attacks on the NHS, a top target for cyber criminals. In a pressurised environment where every second counts and could save a life, IT teams need to be able to prioritise threats based on their relevance and severity. With Cognito, the time-consuming work of manual threat hunting and investigations is already done for them, making the team more efficient and effective as they secure data centre and cloud workloads and user and medical IoT devices.”