Princess Alexandra Hospital NHS Trust is a general hospital with 420+ beds located in Harlow, Essex, UK. Its facilities include three hospitals and one administrative center that provide a broad spectrum of patient care—emergency response, specialized outpatient care, surgical services, maternity care, and more—to approximately 350,000 to 500,000 residents in the surrounding community.
With a background in the private sector, Jeffrey Wood, deputy director of information and communication technology, is working on a 2030 vision to transform the organization into one of the most digitally advanced public healthcare trusts in the UK. Among his initiatives are a virtual holographic receptionist that speaks six languages, cloud telephony, an electronic health record system, and improvements in cyber resilience and security.
The Challenge
The healthcare industry and its data are a top target of cyberattacks. It only takes one incident to have devastating effects on both patients and the hospital. With more and more internet-connected equipment being added at Princess Alexandra Hospital, Wood was concerned about the growing attack surface.
He recognized the need to have visibility into everything that could be an attack vector for hackers. The medical equipment and every piece of new technology—from the virtual receptionist to new IoT lockers—create additional risk. It was also a challenge for his team to keep up with patching on legacy medical equipment, some of which still operate on Windows XP, Linux, and Unix.
Challenges
-
Secure the expanding attack surface from malware and cyber threats
-
Identify and segment legacy IoT and IoMT devices
-
Automate asset discovery and vulnerability management
Results
-
Automated asset discovery and vulnerability management
-
Improved operational efficiency by reducing time spent on manual tasks
-
Increased security posture and decreased MTTR
-
Prevented a device connecting to a known malicious domain from spreading malware