When it comes to cyber security, the stakes could not be higher for healthcare. Cyber attacks that could compromise the availability of critical systems – putting patient lives on the line - or expose sensitive personal data have become a constant threat, and one that is only set to increase as the sector grows more reliant on connected technologies.
Industry leaders are urgently seeking ways to address the IT and organisational vulnerabilities that were brought so sharply into focus in the Wannacry attack of 2017.
Budgetary constraints and the need for continuous availability make large-scale system overhauls or equipment upgrades unlikely in the short-term.
Resources must therefore be focused on reducing immediate risks – both technical and human – as well as implementing improved detection and response mechanisms so that any attack can be contained as effectively as possible.
In the course of our work with NHS Digital, we’ve seen how a number of technically (if not culturally) straightforward steps can immediately improve security posture. These should run alongside longer-term measures to improve all aspects of cyber health.
Longer-term best practices