A tailor-made assessment designed to not only assess how prepared DHCW were for a ransomware attack, but also provide a robust security improvement plan.

We’ve been working with Digital Health and Care Wales (DHCW) for a while, and following a piece of work designed to provide in-depth and independent review of four technology areas – Security Monitoring, Vulnerability Management, Secure File Share and Security Software Development – we were asked to focus specifically on reviewing their resilience against ransomware.

DHCW are a Special Health Authority who play a leading role in delivering a range of national programmes needed for modern technology-enabled healthcare.

These include: 

  • Mobilising digital transformation and ensuring high quality care 
  • Expanding access to the Digital Health and Care Record 
  • Delivering high-quality digital services 
  • Enabling big data analysis for better outcomes  

Ransomware is becoming a major source of concern for organisations across all sectors, but particularly in Healthcare. Criminals are extremely good at identifying an organisations most valuable assets and know just how disruptive it can be if those assets are seized and held for ransom. Ultimately, healthcare providers look after the most valuable of all resources – human life. Cyber criminals know that if they can gain access to the critical systems that support the vital work NHS staff carry out day in, day out huge sums can be demanded and the importance of getting these systems back on track really is life or death.

It’s for this reason that DHCW rightly wanted to make sure they were in the very best position possible to not only identify a ransomware attack early on, but then also be in a position to deflect it, secure systems and ensure that access to critical data and systems is denied to the attackers.

This exercise involved DHCW taking advantage of our Ransomware Resilience Assessment. This service, taken from our Cybersecurity catalogue, is designed to not only assess how prepared an organisation is for a ransomware attack, but also provide a robust security improvement plan. The corresponding report highlights weaknesses, recommendations and corrective actions and includes a high-level roadmap of prioritised recommendations to help (in this case DHCW) prepare, secure, detect and respond to ransomware events.

Our Ransomware Resilience Assessment, provided DHCW with an independent analysis of the processes and technology that would be used to prevent, withstand, or recover from a ransomware attack. The review covered incident reporting, response, recovery, monitoring, backup/restore, patching and protection/prevention. This provided DHCW with actionable results that fundamentally enabled them to increase their resilience to ransomware attacks.

The assessment recognised that while DHCW has some good cyber security practices in place there were a number of activities identified which they could implement that would improve their ability to detect, respond and recover from a ransomware attack.

It’s been great working with Net Consulting. It’s refreshing to talk to a business who take the time to understand the needs of our organisation. They just seem to ask the right questions to deliver the solutions without fuss. The suggested improvements they provided will be instrumental in helping us enhance our cybersecurity practice – highly recommended.

Jamie Graham
Head of Cyber Security

Do you work in Healthcare? You should be prepared for ransomware.

Understand ransomware trends in 2021 and how to prepare yourself in our new eBook.