Cognito cyber attack detection and threat hunting platform to expose hidden attackers inside hospital network
Vectra’s Cognito cyber attack detection and threat hunting platform is to be deployed at Bolton NHS Foundation Trust to expose hidden attackers inside its network.
The platform, which automates threat detection and secures against hidden attackers, utilises artificial intelligence and always-learning threat behaviour models to mitigate security risks that could impact clinical care, operations and patient safety.
In a pressurised environment where every second counts and could save a life, IT teams need to be able to prioritise threats based on their relevance and severity
Bolton NHS is responsible for community health centres and clinics in Bolton and the surrounding area, as well as district nursing and intermediate care and services at the Royal Bolton Hospital.
To deliver high-quality care and control costs, Bolton NHS had undertaken a strategic digital transformation project.
As a critical part of this transformation, the trust wanted a cyber security solution that supported its digital healthcare initiatives.
The trust also wanted to secure its highly-integrated IT eco system and protect critical patient, financial and clinical research data across a growing number of mobile devices, medical internet-of-things devices, data centre workloads and cloud services.
An AI-powered cyber attack detection and threat hunting platform, Cognito finds hidden and unknown attackers in real-time to enable quick, decisive incident response.
The healthcare industry is a treasure trove of highly-sensitive and valuable data and, as has been seen by a number of high-profile attacks on the NHS, a top target for cyber criminals
The highest-risk threats are automatically prioritised and triaged, enabling the cyber security team to quickly stop advancing threats before key assets are damaged or stolen.
“We are duty bound to protect our patient information,” said Brett Walmsley, chief technology officer at Bolton NHS Foundation Trust.
“After WannaCry, security was on top of people’s minds. If someone is in your network, how would you know?”
“Cognito filled a gap. We needed to know what we didn’t know, and Cognito showed us what was hidden.
“We have a strong security infrastructure, but there’s always ambiguity. With Cognito, we don’t have to worry about not knowing an attacker is in our network.”
The trust supports an increasing number of connected devices on its network, including patients and visitors using guest Wi-Fi for their personal devices, MRI systems and other medical devices, and Wi-Fi-enabled infusion pumps.
As a result, it needed to strengthen its network security protections and simultaneously give the IT security team greater visibility into risks and potential attacks that were invisible before the Cognito platform was deployed.
“The healthcare industry is a treasure trove of highly-sensitive and valuable data and, as has been seen by a number of high-profile attacks on the NHS, a top target for cyber criminals”, said Chris Morales, head of security analytics at Vectra.
“In a pressurised environment where every second counts and could save a life, IT teams need to be able to prioritise threats based on their relevance and severity.
“With Cognito, the time-consuming work of manual threat hunting and investigations is already done for them, making the team more efficient and effective as they secure data centre and cloud workloads and user and medical IoT devices.”