How to provide integrated care systems with the best cybersecurity
In a way, hospitals might as well be designed to be exploited by ransomware gangs. As facilities that provide centralized health care to thousands of people every day, the stakes involved in keeping them operational 24 hours a day, seven days a week are literally life and death. Hospitals also depend on depressingly old legacy systems operated by sleepless doctors and nurses with little or no time for cyber awareness training.
This vulnerability is reflected in the data. Ransomware hit approximately 34% of healthcare organizations in 2020, according to Sophos’ latest report, State of Ransomware in Healthcare. Meanwhile, 65% of hospitals and practices affected last year reported that cybercriminals successfully encrypted their data, leaving their systems compromised and facing an expensive ransom demand.
Thankfully, the UK healthcare sector’s cyber defenses have grown significantly stronger since then. Not only has the government set up its own organization in the form of the NHS Cybersecurity Operations Center (CSOC) to keep tabs on all threats to hospital networks, but it has also enacted new measures to ensure the standardization of systems, regular upgrades and training for staff on the front line of protection against future phishing and ransomware hacks.
Arrival of the ICS
The latest Sophos white paper, Cybersecurity for Integrated Care Systems in England, details further reforms the NHS is undergoing as 42 new integrated care systems are introduced. ICSs are new organizational frameworks that bring together local hospitals, nursing homes, GP surgeries and other clinics to provide healthcare across a large geographic area, and they will replace the primary care trusts introduced by the Health and Social Care Act 2012. The government hopes that, over time, these new frameworks will lead to greater collaboration between healthcare providers and improve the overall health of the population.
With the advent of ICSs comes a new focus on cybersecurity, all the more important given the reforms’ emphasis on sharing more data across networks. Of course, this creates new vulnerabilities that cybercriminals will no doubt try to exploit. As such, CIOs face three key challenges as the NHS navigates its next phase of digital transformation: reducing systems complexity across all ICSs; ensuring strict compliance with safety standards; and ensuring that employees are trained in the use of new technologies and applications in the areas of AI, cybersecurity and cloud.
Long-term security strategies
Training is particularly important in this context. In most cases, critical systems are compromised by cybercriminals because someone within an organization effectively let them in, usually by clicking on malicious links in emails that don’t appear suspicious at all. As such, staff across the NHS in all roles must be made aware of the risks of interacting with people outside the organization through digital systems by completing the Data Security Awareness Training prescribed by the recently launched Data Security and Protection Toolkit.
IT departments must also use endpoint detection and response (EDR) tools to monitor internal networks for suspicious activity. However, as the report points out, using EDR requires expertise and time, not least because of the many false positives such systems often generate when hunting for attackers on the network. Consequently, it would be wise for IT departments in every ICS to invest in managed threat response services that employ experienced cybersecurity professionals and sophisticated AI technology to detect, hunt down and respond to suspicious activity at any time.
Securing the NHS for the long term
As the NHS looks forward to implementing the new ICS regime, IT departments and frontline workers alike need to consider how best to secure systems together. This means not only relying on EDR tools and MTR teams to identify and contain threats posed by hackers, but also providing intelligent training so staff can recognize these threats, and planning ahead so that new systems are deployed in a way that integrates seamlessly with their legacy predecessors.
In this regard, Sophos stands ready to offer customers across the healthcare ecosystem cybersecurity support to match their needs. This comes in the form of dedicated MTR teams working 24/7 to secure systems, as well as a range of security products and services designed to work seamlessly through the Sophos Central platform, giving users a complete overview of their assets. Collectively, these services enable customers to implement intelligent cybersecurity strategies across complex, sprawling networks, protecting patient data from attack and denying cybercriminals new opportunities to exploit systems that are ultimately intended to save lives.