October 4th 2023
Brainkind is the UK’s leading charity helping people to thrive after a brain injury. The services they provide include neurological centres, rehabilitation, residential care homes, and supported living. They provide innovative, personalised and compassionate rehabilitation and ongoing support to people with brain injuries and other neurological conditions.
Brainkind currently support over 400 people with complex needs after brain injuries. Following a strategy review in 2022, they identified six aims to drive the organisation forward; the sixth one was to find the right digital solutions and become a leader in digital change and innovation.
When Graham Fisher, Director of Digital at Brainkind, undertook a review of the organisation’s digital capabilities, the first port of call was to evaluate the security posture in place, and he noticed a number of security concerns that needed attention. This led to some further research and the need to find a security partner which eventually connected them with Vambrace, a company specialising in improving cyber security infrastructure.
Navigating the supply chain
Vambrace took an initial look at the Brainkind’s 3-year plan and worked with them to develop a cyber strategy to help get them to where they wanted to be. As Graham explains,
“The first thing Vambrace did was the Security Scorecard. This is part of a free service they offer to charities which identifies vulnerabilities within the organisation and runs scores against third party suppliers to see who is secure and who isn’t. It helped us to look at our partners and see who didn’t meet the standards we required.”
Care services are often part of a wider digital information supply chain and a weak link in the supply chain could have a detrimental impact on a business. When using third-party IT managed services, it’s important to check that whoever handles your systems and data has good security measures in place. As Graham explains,
“We took a zero-trust approach to finding suppliers. Being able to vet and check third party suppliers with Vambrace was very beneficial to us and helped us to engage and connect with the right partners with similar values”.
Culture shift
Bringing people along on a change journey can be a fundamental factor to whether or not it succeeds. Brainkind were moving away from an outdated infrastructure and needed to make sure that staff knew how to use new updated systems safely.
Staff training was updated to include GDPR and IT Security modules, explaining the fundamentals on storing and sharing information safely. As Graham explains,
“The goal was to make tech simple and effective. We wanted to future proof our business, not complicate it. Educating our teams and getting them on board was key to embedding a strong security culture that has pathed the way for new opportunities.”
Making savings
Brainkind benefited from an additional cost-saving service offered to charities for free by Vambrace, which involved a review of hardware resources. The company undertook a review of the hardware the charity held which was of no use, were able to sell it on and gained charitable donations which were returned to the organisation. As Graham reflects,
“We gained £4,000 on hardware that was no longer of use to us, and we also benefitted from free data destruction as part of one of Vambrace’s green initiatives. They were able to provide us with certificates to prove the data and hardware had been fully destroyed to an appropriate standard”
Reaping rewards of the present, and looking to the future
Brainkind worked closely with Vambrace to identify robust systems for checking and improving cyber security infrastructure across the charity. This includes cyber security services, which incorporates penetration testing, vulnerability scanning, training, and a Manage, Detection & Response service.
Through these services, Vambrace aided Brainkind in achieving Cyber Essentials+ accreditation, which helped them achieve Standards Exceeded accreditation on the Data Security & Protection Toolkit, further demonstrating the organisation’s commitment in maturing their cyber security posture.
With Vambrace powering Brainkind’s cybersecurity capability, it can now identify and eliminate high security risks, aid with asset discovery to decipher what’s out of date and what could be causing issues, and issue reports for different departments on security readiness, competence and industry compliance.
The 2 years following this joint partnership have led to innovative change throughout the charity.
“We now have a new state of the art neurological centre in York and wouldn’t have been able to consider deploying innovative digital technologies without the security updated infrastructure being in place and managed”, Graham says, pointing out the fact that the centre will become a host of new digital innovation going forward
“We’ll be implementing sensor technology, virtual reality, personalisation options and so much more. It’ll be cutting edge technology but not ‘bleeding edge’. It has to be tried and tested, and it needs to serve a person-centred purpose.”
Further information
-
- October is Cyber Security Awareness Month and Better Security, Better Care are calling on all care providers to check their arrangements and consider the less obvious risks.
- Visit the Vambrace website for more information on how they can help you improve your cyber security infrastructure.
- For specific queries relating to Vambrace, contact Leigh Clark: [email protected]
- Visit the Brainkind website for more information.
- Get free, expert support to use the Data Security & Protection Toolkit
View all success stories