No let up for healthcare security teams
21st May, 2024 • Online
11 million ransomware attacks, 271 million intrusion attacks – what can CISOs do to ensure we all stay safe?
A critical priority for companies and governments
According to one report between 2022 and 2023, the global healthcare sector saw over 11 million ransomware attempts and over 271 million intrusion attacks. Closer to home, in mid-2023, the UK’s largest NHS trust confirmed it was investigating a ransomware incident in which the ALPHV ransomware gang said it had stolen 70 terabytes of sensitive data in what it claimed was the biggest breach of healthcare data in the United Kingdom. Samples of the allegedly stolen data included employee identification documents, including passports and driver licenses, and internal emails labelled “confidential.”
These attacks, especially ransomware, are becoming more frequent and, as AI and other developments lower the barriers to entry for attackers, we must expect higher volumes of more sophisticated attacks in future.
Healthcare providers must overcome the challenges of budget, fragmentation of systems, the need for connectivity and information sharing, the criticality of their IT and IIoT ecosystems, the huge mass of legacy technology they work with and the complexity of the security stacks they have often put in place.
Maintaining consistent basic cyber hygiene across such a vast estate is an enormous task. Doing it on a budget is even more demanding. So:
• What are the key cyber threats to the healthcare system?
• What are the key data and infrastructure targets most attacked by hackers?
• How can the different parts of the NHS build strong security foundations?
• How can core asset inventory and visibility be improved?
• How much can Trusts rely on core application suites for cybersecurity?
• How can the NHS provide proportionate security across such a diverse estate while maintaining broader consistency and control?
• How are innovations in medical devices complicating healthcare security?
Securing the healthcare sector is not simply a critical priority for the individual entities which comprise it, it is must-do for nation-state security too.