Four years on from the WannaCry ransomware campaign, which severely disrupted NHS IT systems, the Socura report cited a rise in connected devices and evolving cyber attacks as key challenges.
Remote working endpoints, along with new deployments to support operations from employees’ homes, are leaving organisations susceptible to blind spots.
With consultations being moved to digital channels, and VPNs turning into remote working bottlenecks, healthcare organisations are struggling to fix vulnerabilities or maintain visibility of remote endpoints.
“The proliferation of connected devices is exposing health trusts to the risk of ‘cyber physical’ attacks, where virtual threats have a real world impact on patients,” said Marc Chang, CEO and founder of Socura.
“Coupled with resource and funding constraints, health and care organisations face widening visibility gaps, exposing them to ever more sophisticated, targeted threats.”
In addition, the NHS and other healthcare bodies have been placing data into cloud environments from multiple vendors, meaning that more focus and investment is needed to maintain protection of dispersed systems, and respond to threats.
Jamie Brummell, co-founder and CTO of Socura, commented: “The growing cybercrime economy has helped foment a new breed of advanced, targeted attacks using techniques that were once the preserve of only a few APT groups.
“Health and care organisations are not immune to this threat. With the help of prompt patching, anti-malware on end user devices, regular end user training, network segmentation, and strict user access controls, commodity threats can be repelled.
“However, IT security leaders must go one step further in their efforts by moving beyond prevention alone, to also focus on detection and response.”
Recommendations for combatting advanced threats
Elsewhere, the Socura report recommends a three-point plan for healthcare organisations, such as the NHS, to detect and respond to advanced security threats:
- Understand assets: Organisations should acknowledge the assets that they hold by establishing and regularly updating an inventory.
- Collect and centralise telemetry: Data recorded and transmitted from as many of these assets as possible should be brought together to ensure ease of visibility.
- Invest in services: Organisations should invest in tools that can analyse telemetry and spot anomalies that indicate unauthorised activity, as well as contain threats in real time.
The full Socura report on the cyber security landscape in health and care can be found here.