Dartford and Gravesham NHS Trust secures healthcare IoT device ecosystem

Dartford and Gravesham (DGT) NHS Trust has recognised the need to identify and secure against clinical and enterprise IoT cybersecurity risks as a top priority, and chosen technology partners Cylera and AbedGraham Group to help safeguard its medical device and IoT infrastructure.

Other more generalist solutions considered could scan networks and inventory devices, but the Cylera/AbedGraham Group partnership was assessed to be capable of examining and quantifying real-time risks to patient safety and clinical services, whilst aligning with regulatory requirements, and optimising clinical workflows and devices. 

As one of the key hospital trusts in North Kent, England, DGT provides acute and outpatient services for a local population of 500,000 people.

“Medical devices and IoT devices are critical to our ability to provide the best patient care possible to our local community. Over recent years the broad range of medical devices being networked and integrated with clinical systems has led to a new focus of cyber risk, requiring greater local intelligence and control,” said Neil Perry, Director of Digital Transformation at DGT. “We are now able to identify cyber risks associated with this foundational approach.”

Neil has been responsible for the trust’s digital strategy, ICT department, clinical systems development, clinical systems support and health records since September 2016, having joined the trust in March 2007.

“Cylera and AbedGraham have been active participants in our journey to secure the devices most critical to our patient care delivery and cybersafety,” said Shaun van Niekerk, Head of IT and Cybersecurity and Joint Chair of NHS Cyber Associates Network. “All NHS hospitals are in a similar situation with the need to accelerate towards the goal of decreasing IoT cyber risk. This unique compilation of technology provides the exceptional capabilities needed to reach this goal.”

The AbedGraham Group’s cloud-based Clinical Security Analytics Platform was integrated into Cylera’s MedCommand platform in order to analyse and quantify the clinical risks that stem from IT and IoT endpoints across  DGT's healthcare networks, allowing assets and vulnerabilities to be ranked for remediation based on threats to patient safety and care delivery.