Armis updates NHS DSPT reporting capabilities ahead of June 30^th 2023 deadline

Healthcare organizations across the UK are gearing up to meet the June 30^th deadline to complete the NHS Data Security and Protection reporting requirements.

Download the DSPT Solution Brief.

For many, this will be a process of manually inventorying every device on their network, possibly creating or updating a spreadsheet that may not have been touched since June 2022, and a lot of digitally and physically searching for, and then identifying devices. For one organization, this process involved more than 30 people and hundreds of hours. 

Working with a number of NHS Trusts , we looked at the specific challenges organizations faced and collaborated on a number of new features and dashboards in the Armis platform. Some of the often faced barriers we heard include:

• Knowing what is on the network. Beyond shadow IT, medical devices through third party vendors, research equipment being added to the network, are difficult to identify with existing tools and are all security risks
• Limited resources. The healthcare staffing issues go beyond the well documented clinical staffing challenges and are affecting other roles including IT. Time intensive tasks like inventory are extremely time consuming and difficult to prioritize against real time problem resolution
• Spreadsheets. Spreadsheets are still the most common way of collecting this type of asset inventory information for many organizations. The challenges I’m sure are apparent to everyone that’s reading this. They’re immediately out of date, notoriously error prone, do not survive staff turnover etc. etc.

As a result of these partnerships, Armis has introduced new DSPT specific compliance dashboards and reports to simplify the DSPT process.

At its core, the Armis platform is able to provide the visibility and risk profile information that forms the basis not only for DSP reporting, but for critical use cases including consistent inventory assessment, CMDB enrichment, security gap analysis and vulnerability management. These core capabilities  include:

• Detecting all IoMT, IOT, IT and OT managed and unmanaged assets communicating on the network
• Identifying known vulnerabilities, threats and exploits for devices and software versions
• Identifying and mapping risk for all assets across all sites
• Automating responses through hundreds of integrations with customers existing security, networking and asset management platforms

Through the collaborations with NHS Trusts, Armis has introduced: 

• 30 Out of the box dashboards specifically aligned with the DSP evidence controls.
• These dashboards dramatically simplify the alignment of reporting to the DSP evidence requirements while greatly improving real time visibility into threats, vulnerabilities and operational risks
• Dashboards a further customizable for site specific contextual information or additional internally required views
• All dashboards are deployed with a single click.

Although DSP compliance reporting is undoubtedly an important milestone. The value of the Armis platform doesn’t stop there. With a complete asset inventory and associated risk and vulnerability data, Armis can further support NHS organizations with:

• Cyber Alert impact and remediation reporting
• Security hygiene and gap analysis
• CMDB / CMMS enrichment
• Adherence to security frameworks including CIS and NIST
• And more…

For more information on how Armis can help please email [email protected]