CASE STUDY
ACCORDING TO MCGIVERN, THE TRUST ADDED
MCAFEE ENTERPRISE SECURITY MANAGER AND
OTHER COMPONENTS OF THE MCAFEE SIEM
SOLUTION PRIMARILY TO EXPAND VISIBILITY
ACROSS THE ENTERPRISE, ENABLING BETTER
CONTROL AND INCREASED ABILITY TO MEET
FUTURE COMPLIANCE REQUIREMENTS.
T
he United Kingdom’s National Health
Service (NHS) foundation trusts are
healthcare providers that together
cover the country geographically to deliver
healthcare services for all inhabitants. One
of the largest integrated care providers in
England, the County Durham and Darlington
NHS Foundation Trust serves a population
of more than 650,000 in Northern England
through its two acute hospitals, six
community hospitals, and 80 community
sites. As the ICT Technical Security Manager
for the Trust, Tony McGivern never stops
working to ensure that the Trust can deliver
its critical services 24/7 and that its staff
and patients can be confident that their
information is safe.
Constant change demands robust,
adaptable security a minimal security team have often had to
deal with industry and institutional changes
that affect information security, but these
days dealing with change is their modus
operandi. For instance, the Trust is currently
preparing to move entirely to electronic
patient records. In addition, because of
the impending NHS England sustainability
and transformation plans, which are
intended to provide patient services when
and where they are needed, regardless of
which local service providers are nearby, the
Trust must be able to securely exchange
more information with other healthcare
organisations. If that’s not all, the Trust
can be called upon at any time to add new
healthcare services that introduce additional
systems into the environment. And of
course, there is always the latest cyber threat
looming in the background.
Since McGivern began working at the Trust in
information security eight years ago, he and “Ultimately, all these changes and potential
changes, from both inside and outside
64
INTELLIGENTCIO
the organisation, demand a higher level
of security, with greater visibility, control,
and adaptability,” explained McGivern.
“For instance, in the future, with increased
exchange of information with other
healthcare organisations, we need to
be even better at knowing exactly what
is entering and exiting our network and
blocking anything that shouldn’t enter or
depart and ensuring it is secure at all times
of transfer.”
Zero-Day attack prompts return
to McAfee
10 years ago, County Durham and
Darlington NHS Foundation Trust decided to
try an alternate antivirus solution. However,
shortly thereafter a zero-day attack caused
significant impact across the organisation.
An available McAfee license enabled
the Trust to submit one of the zero-day
infected files to McAfee. “McAfee staff were
www.intelligentcio.com