Exhibitor Press Releases

22 Jan 2024

What is the cybersecurity Remedy For Healthcare Businesses?

KnowBe4 UK LTD Hall: N1 - N13 Stand: S40
What is the cybersecurity Remedy For Healthcare Businesses?

Organisations that operate in healthcare store some of the most sensitive and personal information which includes patient diagnoses, medical records and home addresses. Given that the industry is also becoming more digitised with its expansion of operating technology and specialised medical equipment, the desired result is to provide the best possible care to patients in a safe working environment.  

However, these systems are not always the best protected and are among the most targeted by cybercriminals. 

 

An industry under attack 

Between 2022 and 2023, the global healthcare sector saw over 11 million ransomware attempts and over 271 million intrusion attacks. Unfortunately, it is estimated 46% of UK businesses experienced a cyber-attack in 2023, with the average cost of cybercrime to the UK to be £27bn per annum.  

When analysing the healthcare infrastructure in the UK, most data is contained and processed centrally. Therefore, it is not unimaginable for a cybercriminal to gain unauthorised access or exploit these systems from a human error, which would potentially lead to the entire network being compromised.  

Many institutions rely on the data collected by healthcare organisations, as such analysis and research can help to uncover new treatments and remedies. With that said, these third-party partners are also a security risk to healthcare institutions. A prime example was when the University of Manchester suffered a ransomware attack, resulting in computer systems being compromised. It was significant because the attack impacted over one million NHS patients across 200 hospitals, as the University was collecting hospital data for research. 

CNI Warning

The most notorious cyberattack against the UK healthcare network was WannaCry in 2017. This ransomware attack effectively brought a halt to the entire NHS system, crippling 200,000 computers, services, appointments, surgeries, IT equipment and costing €92 million. More recently, the NHS emergency services were brought to their knees in July 2023, in an attack that targeted two ambulance trusts resulting in staff falling back on analogue systems to carry out their work.  

The healthcare system of any country is critical to the survival and operation of the population, hence why it is part of the critical nation infrastructure (CNI). CNI’s around the world are regularly under threat from nation-state actors like Russia, China, North Korea and Iran. So, in 2023, the NCSC issued a warning to all UK CNI organisations regarding this emerging threat which included healthcare, energy, food, government, utilities, telecommunications and transportation.  

Given this warning, and the barrage of threats swirling around the healthcare sector, what can this under-prepared industry do to swat these threats away and prevent and recover from potential incidents? 

When examining some of the most prolific cyberattacks, the techniques used by the cybercriminals are not uncommon and they are certainly preventable. Social engineering attacks like phishing are widely reported as being the most used method to gain unauthorised entry into a system. Other common methods include exploiting unpatched vulnerabilities and system configuration errors. Thankfully, these incidences can be prevented and remediated if healthcare organisations follow security best practises and reduce the likelihood of human error. 

Security awareness training is key 

According to Verizon’s latest report, 74% of data breaches are caused by human error. This highlights the importance of security awareness training and why it is integral for healthcare organisations to implement this for all staff members. Utilising security awareness training methods such as simulated phishing can effectively establish a human firewall as well as cultivate a security culture within the workforce. Elevating the overall security knowledge of staff members enables healthcare organisations to empower employees with the optimal tools to make informed and secure decisions regarding cybersecurity. 

Moreover, ensuring the continuous updating of systems and adhering to cybersecurity best practices, healthcare organisations in the UK can potentially avert disastrous malware attacks. While prioritising the preservation of lives remains paramount in healthcare, the rising threat of cybercriminals targeting vital healthcare institutions necessitates the recognition that lives are at risk when computers are incapacitated, equipment becomes inoperable and emergency rooms are forced to shut down. Ultimately, these institutions have a responsibility to provide the best possible care to patients and protecting their data and privacy is a necessary requirement.  

 

 

 

Loading

2024 Sponsors

Platinum Sponsors

google cloud

Platinum Sponsors

pentera

Platinum Sponsors

delinea

Platinum Sponsors

paloalto prisma

Gold Sponsors

lenovo

Gold Sponsors

softcat

Gold Sponsors

vodafone

Gold Sponsors

wasabi

Silver Sponsors

absnormal

Silver Sponsors

rubrik

Silver Sponsors

it complete

Silver Sponsors

ironscales

Theatre Sponsors

ibm

Theatre Sponsors

vultr

Theatre Sponsors

cato

Theatre Sponsors

crowdstrike

Security the cloud stream

technology

Conquering the evolving threat landscape stream

cyber

Building a blueprint for trust stream

business focus magazine

The future of cyber security stream

cyber resilience centre

Fortifying industry 4.0 stream

grc outlook

2024 Partners

Headline partners

excel london

Headline partners

cybersecurity jobsite

Headline partners

cyber security council

Media Partners

cloudtango

Media Partners

silicon

Media Partners

isaca

Media Partners

media planet

Media Partners

she can code

Media Partners

technology

Media Partners

cyber

Media Partners

business focus magazine

Media Partners

cyber resilience centre

Media Partners

grc outlook