DHI publishes medical device cyber security market analysis

  • 2 May 2024
DHI publishes medical device cyber security market analysis

Digital Health Intelligence has released the latest instalment of its analyses, where Lloyd Price examines the medical device cyber security (MDCS) market.

The report presents a mixed picture of MDCS across the NHS in England. Despite guidance being issued to NHS trusts for the procurement, development, and management of connected medical devices, many trusts struggle with legacy devices and lack resources for effective MDCS programmes.

Many NHS trusts rely on older medical devices that do not have robust cyber security features or receive ongoing security updates, the report explains. In addition, most trusts lack experienced staff and the resources to design and deliver an enhanced MDCS programme.

Available funding

NHS England has not announced any funding specifically for MDCS, however recent 2024/25 NHSE priorities and operational planning guidance state “expectations are for ICBs to have a system-wide plan for maintaining robust cyber security”. The market analysis report adds that it is highly likely ICB funding will be made available to MDCS suppliers.

Example of best practice

Price highlights four examples of MDCS in the NHS, including at Milton Keynes University Hospital NHS Trust. The organisation is protecting itself and its medical devices from cyber attacks by deploying Darktrace’s Self-Learning AI and Autonomous Response technologies. Darktrace’s AI shines a light into hard-to-track places, giving Milton Keynes University Hospital’s security team visibility into its entire dynamic workforce.

South Tees Hospitals NHS Foundation Trust is another example of MDCS success, with the trust implementing Medigate by Claroty, a cyber security platform designed to strengthen the security of medical devices against cyber threats, particularly ransomware attacks.

With the Medigate platform in place and integrated with its new Fortinet solution, South Tees was able to improve its overall security position and gain greater visibility and control over its medical device inventory, the report outlines.

The report also lists the three leading suppliers of MDCS: Cylera, Cynerio and Armis.

Looking ahead

Looking ahead 12 months, NHS trusts and ICBs will focus on providing more training for their staff, increasing best practices and knowledge sharing at a local level, investing in their workforces and updating their risk mitigation plans in anticipation of potential attacks on both connected and medical devices, the report reads.

Price says that overall, NHS trusts in England are moving in the right direction with MDCS, but challenges remain. “Continued efforts are needed to streamline the patching process, address legacy devices, and ensure all hospitals and trusts have the resources to implement effective cyber security measures”, Price said.

“Medical device cyber security will continue to be a priority for NHS trusts and hospitals, with both suppliers and NHS Digital supporting them with specialist knowledge, frameworks and solutions,” the report concludes.

The latest MDCS market analysis report can be downloaded in full here.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

THIS IS MY TEST AD

Related News

Patient groups oppose NHSE plans for unified clinical registry platform

Patient groups oppose NHSE plans for unified clinical registry platform

Patient groups for people with blood disorders have raised concerns about NHS England plans to combine clinical registries in a single platform.
Harnessing AI and cybersecurity to transform healthcare in the UK

Harnessing AI and cybersecurity to transform healthcare in the UK

The UK healthcare sector is in a transformative era, driven by advancements in artificial intelligence (AI). AI has the potential to revolutionise healthcare by improving…
Junior doctors break strike to assist at sites hit by cyber attack

Junior doctors break strike to assist at sites hit by cyber attack

Guy’s and St Thomas’ and King’s College Hospital NHS Foundation Trusts continue to experience major disruption following the cyber attack on Synnovis.
THIS IS MY TEST AD