Customer Story

Leeds Teaching Hospital

With 2,500 staff over three locations, including Leeds General Hospital, this large NHS Trust partnered with BlueFort for a specific risk mitigation.
An ever-increasing volume of cyber threats combined with having to keep on top of the requirements of NHS Digital and NCSC’s cybersecurity directive, was becoming a significant challenge for the Trust’s IT and security teams.

Key challenges

  • A 20-year old large and sprawling IT estate was in poor cybersecurity health due to dispersed locations, legacy tools and a shortage of in-house skilled cybersecurity experts
  • Reliance on external consultants resulted in ineffective “point in time” threat assessments
  • Approaches to cyber threat management and remediation were no longer fit for purpose.

Overview of the situation

Since its foundation almost a quarter of a century ago in 1998, the Trust’s IT estate has grown considerably. With in excess of 2,000 servers to manage across a variety of locations, a large number of legacy tools and a more mobile workforce, the Trust realised that deploying legacy approaches to cyber threat management and remediation was no longer fit for purpose.

With only a limited pool of in-house cybersecurity expertise to draw on, it had become reliant on using expensive, external consultants to deliver “point in time” assessments to determine the robustness of its cybersecurity posture. 

This led to the Trust falling behind in the process of applying critical remediations. A reliance on expensive external cyber testing agencies also meant that “point in time” threat assessments were driven by ad-hoc budget availability, rather than any specific risk mitigation methodology; which often left the door open to considerable windows of risk. 

The lack of skilled resources meant that the Trust was constantly in catch-up mode when it came to understanding the state of its attack surface and prioritising the critical remediations required. In addition, the ad-hoc nature of the assessments meant that potential problems could remain undetected, and therefore unremediated, for months at a time, leaving the trust’s IT infrastructure vulnerable to attack. 

Automation continuously identifies, prioritises, validates and remediates potential threats

The Trust engaged BlueFort to deliver its comprehensive cybersecurity framework that focuses on continuous discovery, validation and control. The framework is underpinned by industry standards including: NIST, ISO 27001, Cyber Essentials and Continuous Threat Exposure Management (CTEM). 

BlueFort’s continuous discovery, validation and control methodology helped the Trust move from a reactive to a proactive mindset, actively prioritising risks most relevant to the organisation.

This process removed the reliance on manual legacy cybersecurity penetration testing and assessments, to deliver continuous validation and testing, using leading-edge automated tools to accelerate the assessment and prioritisation of threat discovery and remediation.

The Trust now has a continuous cycle across the entire organisation, where validation and testing continuously identify, prioritise, validate, and remediate potential threats as they arise.   

This has pivoted the IT and security team’s focus from a ‘stop-start’ approach, where attention was pulled to daily issues, to a streamlined process that allows the team to focus on the big picture, prioritising the most important issue at the right time. 

Long-term proactive approach to risk management

The Trust now has complete visibility of its entire on-premise threat surface; and access to sophisticated new assessment tools including: ransomware readiness tests, Active Directory/User integrity checking, and automated pen testing, all coupled with automated cyber testing against the MITRE threat assessment framework. Automated security penetration testing is now modelling the way threat actors might target the Trust, creating virtual attack scenarios that safely exploit points of weakness in the attack surface.

This proactive approach to risk management and effective threat prioritisation has significantly improved the Trust’s security posture; while also minimising compliance pressures facing the IT and security teams. With timely, actionable insights, the teams can easily adapt to changing compliance requirements while increasing the overall value of their cybersecurity efforts.   

Capitalising on strong cybersecurity foundations

The Trust is now taking advantage of BlueFort’s Evolve program to build on this foundation and continuously improve its security environment.  

Evolve is BlueFort’s cyber services platform that glues everything together, providing flexible and on-demand access to skills and expertise to support in-house security teams. 

Evolve offers far more than limited ‘break-fix’ support, without the constraints of traditional managed security services. It provides access to industry experts who have gone through the vetting, testing, and curation of exciting new technologies, to help organisations cut through the noise of the cybersecurity market, deliver proactive cyber market research and provide enhanced support.

By constantly testing the organisation’s security infrastructure, automated penetration testing provides accurate threat validation information and informed recommendations for remediation. BlueFort then works hand-in-hand with the Trust’s IT and security teams to implement effective controls to continuously adapt and improve the Trust’s cybersecurity posture. 

See how BlueFort can help you simplify your cybersecurity