In the aftermath of the Synnovis ransomware attack that struck last week, London hospitals continue to struggle to deliver patient care at an optimal level. The attack on the pathology services provider has brought down the daily blood sampling count in major London hospitals from 10,000 to merely 400 per day, according to Synnovis.

“Urgent requests are severely restricted at around 400 a day. Historically primary care and community services have generated around 10,000 samples a day for testing, which gives you an idea of the scale of the impact.” - Synnovis

Services including blood transfusions reportedly remain severely disrupted at Guy's and St Thomas' Hospital and King's College Hospital. Both hospitals are experiencing disruption of pathology services, particularly blood tests.

Blood Testing Severely Impacted After Synnovis Ransomware Attack

The biggest challenge that Synnovis is currently facing is that all its automated end-to-end laboratory processes are offline since all IT systems have been locked down in response to the ransomware attack. “This means we are having to log all samples manually when they arrive, select each test manually on analyzers and, once tests have been processed, type in each result on the laboratory’s computer system (the Laboratory Information Management System - LIMS),” Synnovis said. And this is not the end of it. Synnovis then must manually deliver these results to the Trust’s IT system so that the results can be further electronically submitted back to the requester. But since the Synnovis’ LIMS is presently disconnected from the Trusts’ IT systems, “this extensive manual activity takes so much time that it severely limits the number of pathology tests we can process at the moment,” Synnovis explained. The pathology service provider normally processes around 10,000 primary care blood samples a day, but at the moment is managing only up to 400 from across all six boroughs. “Despite the measures we know colleagues are taking to prioritize the most urgent samples, we are receiving many more than we can process and we have an increasing backlog,” Synnovis said. The lab services provider last week was able to process around 3,000 Full Blood Count samples but could not export results due to the lack of IT connectivity. “Of those tests processed, we have phoned through all results that sit outside of critical limits, however, we have been unable to return any results electronically and are unlikely to be able to do so,” Synnovis said. The impact of the Synnovis ransomware attack is also felt on NHS Blood and Transplant (NHSBT), as it appealed to the public earlier this week to urgently donate O blood-type (+ve and -ve) across England. The attack caused significant disruption on the hospitals’ ability to match patients’ blood types, leading to an increased demand for O-positive and O-negative blood donations that are medically considered safe for all patients.

Will Process only 'Clinically Critical' Blood Samples

To manage the inadequacy of the services, the service provider is momentarily only accepting blood samples that the requesting clinician considers to be “clinically critical.” Clinicians need to consider a test as “critical” only if a test result is needed within 24 hours to determine a patient’s urgent treatment or care plan. “As experts, your clinical view of what is considered ‘critical’ will be accepted by the laboratory, but we urge you to apply this definition carefully, given the severe capacity limitations we are facing,” Synnovis recommended. [caption id="attachment_77097" align="aligncenter" width="1024"] Source: Synnovis[/caption] The pathology service provider is also working with NHS Trust to install laptops at the hub laboratory, which will give them access to the Trust IT systems to return test results electronically.

Caregivers Working Overtime

Doctors and caregivers at Guy's and St Thomas' Hospital and King's College Hospital have been putting in extra hours since the Synnovis ransomware attack disrupted services last week. But this is not enough, as KCH has already cancelled some of its operations and is working only at about 70% capacity. Three of its 17 operating theatres remain shut, BBC reported.

Cisco, a global leader in networking and cybersecurity solutions, has announced the appointment of Sean Duca as its new Chief Information Security Officer (CISO) & Practice Leader for the Asia Pacific, Japan, and China (APJC) region. Sean, in his LinkedIn post, expressed his excitement about joining Cisco after taking a six-month break to focus on his health and recharge. He shared his enthusiasm for the new challenge ahead, working within Cisco's Customer Experience (CX) Team for APJC and eventually relocating to Singapore. “After an amazing 6-month break to recharge and focus on my health, I'm thrilled to embark on a new and exciting challenge at Cisco, working in the CX Team for APJC, and will eventually be based in Singapore,” reads the LinkedIn Post. On his first day at Cisco, Sean expressed his eagerness to collaborate with Jacqueline Guichelaar and the broader CX team, as well as reconnecting with former colleagues, including Peter M. Sean's decision to join Cisco was influenced by the opportunity to work with remarkable individuals, such as Jeetu Patel, and to contribute to innovative solutions like Cisco’s Hypershield. “Day 1 is done, and loving it! I am excited to work with Jacqueline Guichelaar and the wider CX team and to reconnect and work alongside Peter M. again,” reads the post. [caption id="attachment_76494" align="aligncenter" width="679"] Source: Sean Duca's LinkedIn Post[/caption]

Sean Duca Vast Experience

Sean brings over 20 years of experience in cybersecurity to his new role, with a proven track record of driving visionary strategies and practical solutions to enhance digital security. Sean's extensive background includes nearly nine years at Palo Alto Networks, where he served as Vice President and Regional Chief Security Officer (CSO) for the APJ region. Before that, he spent over 15 years at Intel Security, serving as the Chief Technology Officer (CTO) for the Asia Pacific region. His leadership in technology and security has made a significant impact in the industry. Reflecting on his new role at Cisco, Sean emphasized his commitment to helping customers achieve their security and business goals while extracting value from their Cisco investments. He expressed his eagerness to reconnect with partners and contacts in his soon-to-be new country, Singapore, highlighting his dedication to driving cybersecurity excellence across the region. “What drew me to Cisco? I've met incredible people, Jeetu Patel’s visionary strategy, and the innovation behind solutions like Cisco’s Hypershield. I can't wait to reconnect with partners, new and old, and many contacts in my soon-to-be new country when I move up next month. Most importantly, I'm eager to help our customers achieve their security and business goals, proving our value and extracting value from their Cisco investment,” reads the post further. With his renewed focus and energy, Sean's appointment is poised to lead Cisco's efforts to elevate performance in the cybersecurity world across APJC.

Sophos, a cybersecurity company that offers a wide range of security solutions, has announced the appointment of Joe Levy as the company’s Chief Executive Officer (CEO). Levy, who has been serving as acting CEO since February 15, is set to drive the execution of Sophos' strategic vision. To support this strategy, Levy has named Jim Dildine as Sophos’ new Chief Financial Officer (CFO) and a member of the senior management team. Speaking on the development, Dildine said," Having worked in technology and finance for over 30 years, joining Sophos at this pivotal moment is exciting. The company’s achievements, including its dedication to innovating cybersecurity technology and supporting its partners, are impressive.” “I look forward to helping Joe accelerate growth and further establish Sophos as an industry leader.”

Joe Levy's Extensive Experience

Levy brings nearly 30 years of experience in cybersecurity product development and leadership to his new role. Over his nine-year tenure at Sophos, he has transformed the company from a product-only vendor into a global cybersecurity giant. This transformation includes the establishment of an incident response team and a managed detection and response (MDR) service that now defends over 21,000 organizations worldwide. Additionally, Levy created SophosAI and Sophos X-Ops, an operational threat intelligence unit that integrates over 500 cross-departmental cybersecurity operators and threat intelligence experts. This unit shares real-time and historical cyberattack data across all Sophos solutions, enhancing their ability to defend against persistent cyberattacks. Levy's extensive experience includes working with the channel, including managed security providers (MSPs), which began in the mid-1990s when he started his career as a cybersecurity practitioner and innovator at a value-added reseller.

Joe Levy Next Move: Expanding the Midmarket Base

As CEO, Levy aims to expand Sophos’ strong customer base in the midmarket, which includes nearly 600,000 customers worldwide and generates more than $1.2 billion in annual revenue. “When midmarket organizations – the global critical substrate – are paralyzed due to ransomware or other cyberattacks, the ripple effect impacts supply chains and slows our economy. Operations of all sizes suffer collateral damage when supply chain dependencies are attacked. This can be devastating in unpredictable ways due to the complexity of the modern global economy,” said Levy. Adding further, Levy said, “Our goal is to help more midmarket organizations – the estimated 99% below the cybersecurity poverty line – improve their detection and disruption of inevitable cyberattacks. We plan to achieve this by working with MSPs and channel partners who can scale with us using our innovative technologies and managed services. Cyberattacks on the midmarket can severely impact global functionality, and Sophos is committed to changing that.” Sophos has a unique opportunity to scale its business by helping organizations that require basic and advanced defenses against cyberattacks. These organizations, often smaller entities within critical infrastructure sectors, are just as vulnerable to cyber threats as major corporations. Sophos' Active Adversary report and 2024 Threat Report highlight that attackers frequently exploit exposed Remote Desktop Protocol (RDP) access at midmarket organizations for data theft, espionage, ransomware payoffs, or supply chain attacks.

Strategic Appointment of Jim Dildine as CFO

To support his leadership strategy, Levy has appointed Dildine as CFO. Dildine brings exceptional operational expertise and a strong background in channel partner-based cybersecurity business. He joins Sophos from Imperva, where he served as CFO for over four years. Before Imperva, Dildine was CFO for Symantec’s $2.5 billion enterprise security business unit and held key financial leadership roles at Blue Coat Systems. At Blue Coat, he oversaw significant growth, leading to a go-private transaction by Thoma Bravo, a sale to Bain Capital, and a subsequent sale to Symantec for $4.6 billion in 2016. He also managed the acquisition and integration of six security-focused companies valued at over $750 million. Chip Virnig, a partner at Thoma Bravo and a Sophos board member, expressed confidence in the new leadership team. “Thoma Bravo has worked with Joe through successful investments in SonicWall and Blue Coat Systems. His authentic leadership and impeccable reputation in the cybersecurity industry make him the ideal CEO for Sophos. We’re also excited to have Jim join as CFO. We’ve worked with Joe and Jim for over a decade and believe their combined expertise will drive Sophos to new heights," said Virnig.