Core to Cloud is delivering a new dashboard within the Cylera MedCommand Platform to help NHS Trust customers more rapidly meet response requirements to NHS Digital high severity cyber alerts (formerly CareCERT).
NHS Trusts are required to respond quickly to cyber threat notifications received from NHS Digital’s Data Security Centre (DSC), and must acknowledge receipt of high severity cyber alerts within 48 hours to help protect against the rise in high severity exploits that could impact patient care, privacy, and service continuity.
“Given the ever-evolving cyber threat landscape, NHS Trusts need to quickly acknowledge and respond to high severity cyber alerts”, said Phil Howe, CTO of Cirencester-based Core to Cloud, formerly deputy CTO with Bolton NHS Foundation Trust.
“Information Technology (IT) and security teams always have large task lists and many other urgent needs demanding their attention, so a dashboard like this really helps IT have all the information they need in one view.”
“Cylera wanted to make it extremely easy for Trusts to quickly respond to NHS Digital cyber alerts, and provide very time-efficient workflows,” said Paul Bakoyiannis, CTO and co-founder at Cylera. “The new Cyber Alert Dashboard provides access to all current and historical cyber alerts, and through our analysis, users can immediately tell what systems are affected in the Cylera register of medical devices. The whole response workflow can be managed from one dashboard; receipt, assignment, resolution, and timely reporting back to NHS Digital for compliance purposes.”
If you liked this content…
Experts react to worrying findings in Government’s Cybersecurity Breaches Survey
The rising threat of Putin on the NHS
Economic worries see small firms put security on back burner
New research reports the UK public is embracing digital healthcare – but more trust is needed in its security
Government departments recording large numbers of lost and stolen devices
NHS digital cyber alerts in one place
The new dashboard features a single dashboard view that brings all the current and historical NHS digital cyber alerts into view in one place, from which customers can manage the entire process of receiving and responding to cyber alerts, including the ability to sort by severity, date published, affected devices, alert type, status, who is assigned, last updated by. At-a-glance, the immediate status and who is working on it can be seen and even exported as a file for NHS Digital and others if needed.
The dashboard can also be an online source of verification for auditors who may be assisting NHS Trusts to help meet their 2022 DSPT Data Security and Protection Toolkit requirements. The dashboard is informed by other capabilities within Cylera: asset inventory and management, vulnerability assessment, risk analysis, threat detection, fleet optimisation, security compliance, and its proprietary threat intelligence database.
“NHS Trusts are having to play catch up after COVID, and are still strapped for resources. There’s a backlog of IT system changes and a huge growth in medical devices that is changing the threat surface”, said Richard Staynings, chief security strategist at Cylera.
“One of the greatest challenges faced by Trusts is to understand what exactly is connected to their networks, and what risks these systems pose. Many Trusts are still catching up, such as in the 2022 requirement for organisations to have a register of medical devices. Unfortunately, few today have the needed visibility into their estate assets, and this makes it difficult to respond when a high severity cyber alert comes out.”
