Secondary Care

Bolton NHS Foundation Trust selects Vectra to automate threat detection

Bolton NHS Foundation Trust has selected the Cognito cyberattack detection and threat hunting platform from Vectra to expose hidden attackers inside its network.

The Cognito platform, which automates threat detection and secures against hidden attackers, utilises artificial intelligence and always-learning threat behaviour models to mitigate security risks that could impact clinical care, operations and patient safety.

Bolton NHS wanted to secure its highly integrated IT ecosystem and protect critical patient, financial and clinical research data across a growing number of mobile devices, medical internet-of-things devices, data centre workloads and cloud services.

An AI-powered cyberattack detection and threat hunting platform, Cognito finds hidden and unknown attackers in real-time to enable quick, decisive incident response. The highest-risk threats are automatically prioritised and triaged by Cognito, enabling the cybersecurity team to quickly stop advancing threats before key assets are damaged or stolen.

Brett Walmsley, chief technology officer at Bolton NHS Foundation Trust. “We are duty bound to protect our patient information. After WannaCry, security was on top of people’s minds. If someone is in your network, how would you know?”

“Cognito filled a gap. We needed to know what we didn’t know, and Cognito showed us what was hidden. We have a strong security infrastructure, but there’s always ambiguity. With Cognito, we don’t have to worry about not knowing an attacker is in our network.”

“The healthcare industry is a treasure trove of highly sensitive and valuable data and, as has been seen by a number of high-profile attacks on the NHS, a top target for cyber criminals” said Chris Morales, Head of Security Analytics at Vectra. “In a pressurised environment where every second counts and could save a life, IT teams need to be able to prioritise threats based on their relevance and severity. With Cognito, the time-consuming work of manual threat hunting and investigations is already done for them, making the team more efficient and effective as they secure data centre and cloud workloads and user and medical IoT devices.”