Healthcare delivery organisation effectively balances innovation and security to drive improved quality of care.
Armis, the cyber exposure management and security company, has announced that it is enabling The Princess Alexandra Hospital NHS Trust (PAHT) to protect its entire attack surface and manage cyber risk exposure in real time, underpinning the delivery of world-class patient care.
PAHT leverages AI-powered Armis Centrix, the Armis Cyber Exposure Management Platform, to proactively identify and mitigate all cyber asset risks, remediate security findings and vulnerabilities and protect the entire attack surface. Armis Centrix for Medical Device Security is a specialised solution engineered to protect healthcare institutions from the growing threat landscape targeting medical devices.
“Putting quality first is the Trust’s approach to everything we do as we strive for excellence and cybersecurity is no exception,” said Jeffrey Wood, Deputy Director of ICT at PAHT.
“Armis has supported us in mitigating risk to our environment, including the large number of physical and virtual assets on-site, legacy technologies needing to be segregated from the corporate network and connected assets that were actively communicating externally. We have identified and strengthened our cybersecurity approach.”
PAHT’s vision is to be one of the most digitally advanced trusts in the UK by 2030. As a part of this transformation to drive improved patient care, the trust has adopted technologies at the cutting edge of innovation. This includes a new electronic health record (EHR) system, a virtual holographic receptionist, Amazon-style lockers and cloud telephony.
With this proliferation of connected physical and virtual assets, the organisation’s attack surface continues to significantly expand at a rapid pace and is protected by Armis.
“We are incredibly proud to support PAHT, enabling their security team to effectively balance innovation and security in pursuit of their larger goals,” said Mohammad Waqas, CTO, Healthcare at Armis.
“As part of our critical infrastructure, healthcare is a top target of cybercriminals. It’s essential that we take action to proactively improve our defences and that we stay steps ahead of bad actors with comprehensive security programmes to ensure uninterrupted, world-class patient care.”
PAHT provides a full range of general acute, outpatient and diagnostic services, with 420 acute beds and operations that span three hospitals and a central administration centre. The organisation employs over 4,000 staff and serves a local population of approximately 350,000 people; with 500,000 additional individuals residing in the boundaries of the wider community within its extended catchment area.
We asked Jeffrey Wood, Deputy Director of ICT at Princess Alexandra Hospital NHS Trust, further questions to find out more:
How has the implementation of Armis Centrix improved PAHT’s ability to manage cyber-risks in real-time, and what specific benefits have you observed in patient care delivery?
Implementing Armis Centrix has significantly enhanced our ability to manage cyber-risk exposure in real-time. As our technology footprint within the Trust expands, so does our attack surface. Armis Centrix is an AI-powered cyberexposure management platform which proactively identifies and mitigates cyberasset risks, remediates vulnerabilities and secures our entire network.
Crucially, the system’s ability to detect and alert us about anomalies in real-time means that we can swiftly isolate and protect vulnerable assets, from critical ECG machines to previously unknown connected devices like coffee machines and other assets, strengthening our overall cybersecurity posture.
This enhanced cybersecurity posture and real-time awareness of our environment allows us to confidently focus on delivering uninterrupted patient care. With this strong foundation we’re able to prioritise ongoing innovation – with safety at the forefront – to ensure we continue providing modern solutions that meet evolving patient needs.
Can you elaborate on the challenges you faced in securing legacy technologies and connected assets that were communicating externally, and how Armis has helped address these issues?
Armis helped us realise the sheer scale of connected assets within our environment, including legacy medical equipment that can’t be patched or replaced, but remain essential to patient care. For example, we cannot ask our emergency department to stop using vital machinery, such as blood pressure machines, simply because it’s legacy technology. As we have implemented a new Electronic Health Record it is essential to have more of these devices connected and reduce the inefficiencies of manual transfer of data which has significantly increased our requirements for connected devices.
The key challenge is securing these assets without disrupting operations. AI-powered cyber exposure management and security is the solution. Armis provides the insights we need to identify, contextualise and manage risks in real-time. By segmenting critical legacy technology from the corporate network, we’ve strengthened security while ensuring uninterrupted patient care.
As PAHT aims to become one of the most digitally advanced trusts in the UK by 2030, what role do you see cybersecurity playing in achieving this vision, and how does Armis fit into your long-term strategy?
Our goal to become one of the UK’s most digitally advanced trusts by 2030 has driven us to adopt a range of new technologies and devices, for example, a virtual holographic receptionist and Amazon style lockers. At the same time, we’ve also increased our use of connected medical devices and the Internet of Medical Things (IoMT). All of which has significantly expanded our attack surface.
Cybersecurity has therefore become essential to protect these assets and keep our hospitals secure while we continue to provide world-class patient care. That’s why we partnered with Armis.
While working with Armis, we ran a proof of concept which opened our eyes to the scale of the issue and we realised the risk was far bigger than we initially thought. Prior to this, we didn’t have full awareness of all the connected assets on site – innocuous things like vending machines were flying under the radar. As soon as we became aware of everything within our ecosystem, seeing, protecting and managing these assets became possible.
Ultimately, innovation is a double-edged sword. Without cybersecurity, innovation could negatively impact patient care. Through an effective balance we’re able to execute our long-term vision for the betterment of our patients.
With the adoption of cutting-edge technologies like the virtual holographic receptionist and Amazon-style lockers, how do you balance innovation with security concerns, and how does Armis support this balance?
Adopting and deploying new technologies is helping us improve patient care and streamline operations, but we know that innovation has to go hand in hand with security. These smart devices aren’t just connecting to our internal systems, they’re also linking to the outside world, which introduces new risks.
That’s where Armis comes in. Its AI-powered platform addresses the entire lifecycle of cyberexposure management – asset discovery and management through to vulnerability discovery, prioritisation and remediation – which allows us to address potential threats without disrupting day-to-day operations. As we continue to modernise, we’re working closely with Armis to make sure our entire attack surface stays protected while we push forward with innovation.
Given the large scale of PAHT’s operations across multiple hospitals and a diverse patient population, how has Armis Centrix helped in managing the expanding attack surface created by the proliferation of connected physical and virtual assets?
With thousands of connected IoT and IoMT devices and virtual assets spread across three hospitals and a central administration centre, we know our expanding attack surface posed a growing cyber-risk. It wasn’t just about securing individual assets – we need full oversight of our entire environment to protect patient care and hospital operations.
Traditional security solutions often focus solely on point solutions or endpoints, like IoMT devices, for instance. However, this approach fails to show the entire picture of all connected assets (IT, IoMT, BMS, etc.) and software, leaving gaps in the broader digital ecosystem. Armis Centrix takes a different approach. The platform allows us to have a holistic view of the entire lifecycle of our cyberexposure management – from asset discovery to vulnerability discovery, prioritisation and remediation. Its AI-driven insights dynamically adjust risk profiles based on device behaviour, ensuring tailored protections across different hospital environments. This has strengthened our security posture, improved compliance and allowed us to tailor protections to the unique needs of each hospital environment.
In light of healthcare being a top target for cybercriminals, what proactive measures have you implemented with Armis to stay ahead of potential threats, and how do these measures contribute to ensuring uninterrupted patient care?
Cybersecurity and IT teams need to be successful 100% of the time, while attackers only need to get lucky once. And as threat actors increase the frequency and severity of their attacks with AI, it’s becoming increasingly difficult to fend off attacks with traditional methods. Just one successful attack can have devastating consequences for patient care and hospital operations.
To stay ahead of threats, we’ve taken a proactive approach with Armis, and are using its AI-powered platform to fight fire with fire. With Armis, we’ve implemented continuous monitoring, automated risk detection and segmentation of vulnerable assets to reduce exposure. Armis Centrix gives us real-time insights across our entire attack surface, allowing us to act on threats before they escalate.
A key part of this is the Armis Centrix dashboards, which provide tailored insights for different teams. Our technicians, security managers and leadership all get the specific information they need to make fast, informed decisions. This accessibility means we can quickly identify and mitigate risks without adding complexity to daily operations.
By making security simple and intuitive for our staff, we’ve ensured that patient care remains uninterrupted – both by reducing the burden on clinical teams and keeping critical assets safe from cyberthreats. With Armis, we continue to strengthen our defences while maintaining the highest standards of patient care.
