Cybersecurity for Znojmo Hospital

Client information:

Znojmo Hospital, contributory organization

ID: 00090638

Implementation period

October 2024 - October 2025

Project value

68.2 million CZK

Project type

Cybersecurity

Client statement

„The project 'Ensuring Cybersecurity of Znojmo Hospital' is one of the extensive projects recently underway at Znojmo Hospital as part of enhancing cybersecurity. The main goal of the project is to ensure Znojmo Hospital's compliance with the requirements of the Cybersecurity Act. The proposed technical measures will contribute to preventing cyber threats and security incidents. Within the above-threshold public procurement for supplies tendered in an open procedure, Cybernexus won with its offer. Cooperation with Cybernexus was smooth both technically and organizationally. The preparation and actual implementation of the contract proceeded smoothly according to the established schedule."

Roman Citterberg

Head of Information Technology Department

Project goals

The goal of the project was to fundamentally increase the cybersecurity and resilience of Znojmo Hospital against current and future threats. The project focused on the following key objectives:

Ensuring compliance with current cybersecurity legislation (including future NIS2)
Significantly strengthening the protection of information systems, medical devices and electronic data against cyber attacks and external risks
Immediate identification of risks and vulnerabilities threatening the safe operation of the hospital
Accelerating and simplifying IT and medical asset management through automation and centralization of processes
Establishing clear standards for prevention, early detection and resolution of security incidents in 24/7 mode
Systematically increasing the level of security awareness of key employees across hospital departments

2000+

Secured devices

5 years

Support and maintenance

24/7

Security monitoring

Project description

The project was delivered as a comprehensive cybersecurity solution, whose main goal was to build a functional information security management system (ISMS), fully complying with legislative requirements including NIS2, and maximum increase in the hospital's resilience to modern cyber threats. The implementation included these main stages:

Analytical phase

Detailed mapping of ICT environment, analysis of assets, risks and processes of Znojmo Hospital, design of objectives and specific forms of all areas of the cybersecurity system.

Implementation phase

Creation of security infrastructure including multi-layer protection (firewalls, behavioral monitoring, PKI certification authority, privileged account management), modernization of network architecture, email security gateway, advanced backup solution and protection against zero-day threats.

Operational phase

Long-term technical support (full maintenance, SLA), regular updates, possibility of solution development according to the hospital's future needs.

Solution benefits

Complete fulfillment of legal requirements including harmonization with the upcoming NIS2 directive

Overview of more than 2,000 active elements in the organization's network

Immediate identification and mitigation of risks and vulnerabilities

Implementation of processes for prevention and incident resolution according to best practices

Acceleration and simplification of IT and medical asset management

Robust incident response support in real time and incident management

Long-term sustainability and high modularity of the solution

Technologies used

Security platforms

•Check Point 9200 (firewalls, centralized management, sandboxing)
•GreyCortex Mendel (behavioral analysis)
•FortiMail
•PKI on MS Windows Server

Network infrastructure

•Aruba CX series (core and access switching)
•Veeam Data Platform, HPE MSA 2060, HPE MSL3040
•Integration: SIEM, Active Directory, Cisco ISE, and others

Monitoring and analysis

•Claroty xDome
•Passive DPI traffic analysis
•Device inventory and classification (medical, IoT, network elements)
•Communication maps with risk detection