The latest NHS hack shows that public sector must do more to protect itself from the growing risk of cybercrime

The latest NHS hack has once again demonstrated the vulnerability of the public sector to cybercrime. This is according to Secure Cloudlink, who has argued that no organisation is immune to a data breach, but public sector organisations in particular must be endlessly diligent and maintain strict control over their digital information assets due to the highly sensitive nature of the data involved.

Just this week, it was revealed that the details of thousands of medical staff in Wales were stolen from a private contractor’s computer server. The information included names, dates of birth, radiation doses and National Insurance numbers, demonstrating the ongoing threat of cybercrime in the UK.

>See also: Two-thirds of London’s councils suffered a data breach in the last 4 years

Dave Worrall, CTO at Secure Cloudlink, commented: “There is a mass market for stolen data and the public sector in particular is a vulnerable target. This recent attack is by no means an isolated incident; we demonstrated back in November that the security hygiene of the majority of local authorities in London is not up to scratch. Despite the clear and present danger and with cybercrime starting to creep higher up on the government’s agenda, the public sector is still failing to fully grasp the scale of the threat right on its doorstep.”

Further highlighting the vulnerability of the public sector, a recent Freedom of Information (FoI) request, conducted by Secure Cloudlink, revealed that 64% of London’s councils had experienced a data beach in the last four years.

“The public sector cannot blindly allow these events to continuously occur and organisations need to be endlessly diligent in their approach to security to alleviate the growing security risks present,” said Worrall.

>See also: Pointing the finger: consumers blame businesses for data breaches

“No one is immune so all organisations need to understand what is needed to navigate today’s increasingly vulnerable security landscape. Businesses must keep informed of the latest developments in security and train all staff accordingly. This is critical in the public sector, as the risk of not doing so puts not only the organisation in danger, but also individual citizens.”

“Instilling a security mind-set throughout an organisation is half the battle. Greater strides also need to be made in managing security processes. Designs that were once suitable have not been updated to keep up with the increasing digital economy of today and because of this, hackers are able to capitalise and steal information much more easily.”

“It’s therefore important to address the threat landscape by working closely with experts in security to adopt new tools and practices that offer the utmost resilience against cyber-crime. This latest hack demonstrates how fallible current solutions are. Technology needs to adapt to an ever-changing industry and the security mind-set needs to be adjusted as well,” concluded Worrall.