Question 1

The Background.

Accepted Answer

We’ve been working with Digital Health and Care Wales (DHCW) for a while, and following a piece of work designed to provide in-depth and independent review of four technology areas – Security Monitoring, Vulnerability Management, Secure File Share and Security Software Development – we were asked to focus specifically on reviewing their resilience against ransomware.

DHCW are a Special Health Authority who play a leading role in delivering a range of national programmes needed for modern technology-enabled healthcare.

These include:
- Mobilising digital transformation and ensuring high quality care
- Expanding access to the Digital Health and Care Record
- Delivering high-quality digital services
- Enabling big data analysis for better outcomes

Question 2

The Challenge.

Accepted Answer

Ransomware is becoming a major source of concern for organisations across all sectors, but particularly in Healthcare. Criminals are extremely good at identifying an organisations most valuable assets and know just how disruptive it can be if those assets are seized and held for ransom. Ultimately, healthcare providers look after the most valuable of all resources – human life. Cyber criminals know that if they can gain access to the critical systems that support the vital work NHS staff carry out day in, day out huge sums can be demanded and the importance of getting these systems back on track really is life or death.

It’s for this reason that DHCW rightly wanted to make sure they were in the very best position possible to not only identify a ransomware attack early on, but then also be in a position to deflect it, secure systems and ensure that access to critical data and systems is denied to the attackers

Question 3

The Solution.

Accepted Answer

This exercise involved DHCW taking advantage of our Ransomware Resilience Assessment. This service, taken from our Cybersecurity catalogue, is designed to not only assess how prepared an organisation is for a ransomware attack, but also provide a robust security improvement plan. The corresponding report highlights weaknesses, recommendations and corrective actions and includes a high-level roadmap of prioritised recommendations to help (in this case DHCW) prepare, secure, detect and respond to ransomware events.

Question 4

The Value.

Accepted Answer

Our Ransomware Resilience Assessment, provided DHCW with an independent analysis of the processes and technology that would be used to prevent, withstand, or recover from a ransomware attack. The review covered incident reporting, response, recovery, monitoring, backup/restore, patching and protection/prevention. This provided DHCW with actionable results that fundamentally enabled them to increase their resilience to ransomware attacks.

The assessment recognised that while DHCW has some good cyber security practices in place there were a number of activities identified which they could implement that would improve their ability to detect, respond and recover from a ransomware attack.

Digital Health and Care Wales – Ransomware Resilience

Subscribe to our newsletter