Hardening healthcare: a critical national emergency
25th May, 2023 • Online
It’s the perfect storm for a sector targeted as a priority by economic and state attackers. What needs to be done right now?
A critical priority for companies and governments
Healthcare is one of 13 sectors recognised as critical national infrastructure by the government’s National Cyber Security Centre (NCSC), alongside others such as food, finance, energy and transport. A large cyberattack on one of these sectors can cause severe societal disruption, loss of essential services, and in some cases loss of life.
But the healthcare sector is perhaps the most complex challenge. Each of the UK’s four countries runs its own NHS. These are made up of thousands of organisations of varying size and digital competency ranging from some of the most technologically advanced research organisations in the country through to individual GP surgeries.
There are 219 primary trusts many of which run more than one hospital. There are 7,500 GP practices and imagine the hacking possibilities afforded by around 1.2 million full-time equivalent staff, including 123,727 doctors, 332,341 nursing staff (including midwives and health visitors) and 33,907 managers, and at least 1.5 million electronic devices, including an increasing number of sophisticated IoT devices.
Maintaining consistent basic cyber hygiene across such a vast estate is an enormous task. Doing it on a budget is even more demanding. So:
• What are the key cyber threats to the healthcare system?
• What are the key data and infrastructure targets most attacked by hackers?
• How can the different parts of the NHS build strong security foundations?
• How can core asset inventory and visibility be improved?
• How much can Trusts rely on core application suites for cybersecurity?
• How can the NHS provide proportionate security across such a diverse estate while maintaining broader consistency and control?
• How are innovations in medical devices complicating healthcare security?
Securing the healthcare sector is not simply a critical priority for the individual entities which comprise it, it is must-do for nation-state security too.