Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
In NHS cybersecurity, one problem keeps security teams up at night: the gap between spotting issues and actually fixing them.
If you work in healthcare IT, you know this headache all too well.
Legacy systems that can’t be easily patched, security teams stretched too thin, and the constant balancing act of keeping operations running while protecting patient data.
Since WannaCry took down dozens of trusts in 2017, the stakes have never been higher. Knowing about vulnerabilities is only half the battle.
Complete Visibility, Real Action
A new partnership between ITHealth and Heimdal Security is set to close the gap between identifying risks and fixing them. It’s not about adding more tools but making the right ones work together.
“We have a missing piece in our portfolio,” says Chris Booth, Head of Commercial Business and Strategy at ITHealth.
“We provide valuable intelligence on assets, risk, and security posture, both on and off the network. Our goal is to find 100% of 100% – to make sure nothing is left hidden – so that others can take action with full clarity.“
ITHealth’s Dashboard, already used by over 170 NHS organizations, gives security teams full visibility into their assets and vulnerabilities. But spotting issues and fixing them are two different things.
“The integration between the two technologies and the partnership between our organizations gives joint customers a clearer view of their cybersecurity posture, especially when it comes to patching and vulnerability management,” says Andy Sheret, head of business development at ITHealth.
Why Patching Matters in Healthcare
For NHS organizations, patching isn’t just an IT task. It’s a frontline defense.
The NHS IT estate has been described as “increasingly elderly,” with some facilities still running decade-old PCs on unsupported operating systems. That’s a serious security risk, and attackers know it.
In 2022, Ransomware attacks hit 81% of healthcare organizations in the UK and 38% of them paid a ransom to recover their data. The survey found that healthcare was the third most targeted sector. With the risk level that high, organizations can’t afford leaving any door open for hackers to find and exploit.
Every delay in patching extends the window of vulnerability, making it easier for attackers to get in.
According to Edgescan’s 2024 Vulnerability Statistics Report, the mean time to remediate critical vulnerabilities is 65 days.
That’s a problem, considering adversaries can exploit vulnerabilities within an average of 15 days after discovery.
Timely patching isn’t optional. It’s a necessity.
Closing the Loop
The partnership between ITHealth and Heimdal helps NHS organizations bridge the gap between visibility and action by showing exactly where security tools might not be working.
Step one is visibility,” says Booth. “Using the ‘blind spot’ features, customers can use their ITHealth Dashboard to identify where assets have been seen, or not.
“This allows them to gain visibility into solutions such as Heimdal. if the asset isn’t visible via the API it might not be doing its job.”
ITHealth’s Dashboard shows which devices have Heimdal installed but not running properly, meaning they aren’t getting the patches they need.
“If Heimdal isn’t running properly, that device could be in bad shape,” Booth continues.
“It’s not being patched or updated, which means its risk profile is high, and we’ll know about that. So, if Heimdal is running properly, the device should be in good shape. It closes the loop.”
Rather than trying to build competing products, the two companies are focusing on complementary strengths.
ITHealth delivers comprehensive asset visibility. Heimdal brings automated patching, pushing out updates across an entire network in under four hours.
Beyond Point Solutions
NHS cybersecurity isn’t a problem one product can solve. That’s why this partnership steers clear of the “silver bullet” mindset.
“Honestly, it’s not an arrogant statement… There’s nothing like the ITHealth Dashboard. No other product does everything we do,” says Booth.
“We’re not here to reinvent the wheel. Could we have built a remediation tool? Sure. But is that what we do? No. That’s what you do really well. So let’s partner and build that integration story.”
This approach recognizes the complexity of modern healthcare IT. No single tool can cover every risk, but the right combination can make all the difference.
Real-World Impact
For NHS cybersecurity teams, the benefits of this partnership are immediate.
First, there’s the ability to automate patching across Windows, Linux, Apple, and 200+ third-party applications. For understaffed teams, that’s a game-changer.
Then, there’s the visibility.
ITHealth’s Dashboard pulls data from multiple sources, giving security teams a complete view of their assets and vulnerabilities. When integrated with Heimdal, it shows not just what needs patching but whether patches are actually being applied.
“I’ve already been involved in Heimdal POCs, and the Heimdal team does a fantastic job of understanding the requirement,” says Sheret.
“I was recently part of one focused on patching, and it was incredibly effective and valuable.”
Meeting Compliance Requirements
Beyond security, compliance is a major concern for NHS organizations.
With frameworks like the Data Security and Protection Toolkit (DSPT) and the Cyber Assessment Framework (CAF), trusts need to identify risks and prove they are managing them.
One of the biggest challenges is evidence-based security, showing auditors that vulnerabilities are found, fixed, and tracked.
The ITHealth-Heimdal integration helps by providing real-time visibility, automated patching, and clear reporting.
DSPT compliance requires trusts to maintain an updated asset inventory and apply patches promptly.
With ITHealth’s asset intelligence and Heimdal’s automated patching, NHS teams can find outdated systems and remediate them within hours instead of weeks.
That cuts exposure and creates a clear audit trail.
CAF, which aligns with NIS Regulations, emphasizes supply chain security and proactive risk management.
Trusts need to prove their security tools are working and actively preventing threats. The integration ensures Heimdal is not just installed but running and patching properly, closing a critical gap that could otherwise leave trusts non-compliant.
By automating patching and strengthening security oversight, this partnership helps NHS organizations stay compliant without adding more work for security teams.
Looking Ahead
The ITHealth-Heimdal partnership is evolving. The first phase is focused on identifying where security tools aren’t functioning properly. But the vision goes further toward a future where NHS organizations can not only spot risks but fix them with minimal manual intervention.
“The potential is there to take this beyond just identifying risk,” says Sheret. “We can move toward a level of remediation where organizations can see their biggest risks and click a button to reduce or fix them.”
For NHS security teams already stretched thin, that kind of integration between visibility and action could make a huge difference. This isn’t about replacing people in cybersecurity. It’s about giving NHS security teams the tools they need to focus where it matters most, which is protecting patient data and ensuring continuity of care in an increasingly hostile digital landscape.
For many NHS trusts still dealing with the fallout of WannaCry and ongoing ransomware threats, closing the loop between seeing problems and fixing them can’t happen soon enough.
