Disruption or delays in health services can be extremely damaging.
In January 2023, President of the Royal College of Emergency Medicine, Dr Adrian Boyle, estimated that as many as 500 people might be dying each week owing to delays in emergency care.
While such a statement might raise questions over funding, resources or efficiency in bridging existing gaps, we’re increasingly seeing incidents where the ability of hospitals to effectively serve patients is taken out of their hands entirely.
Unfortunately, the number of instances in which cyberattacks significantly disrupt health services continues to grow – so much so, that today there are multiple examples where threat actors have contributed to fatalities.
Back in 2019, a ransomware attack on Springhill Medical Center in Alabama caused disruptions that led to the tragic death of a newborn.
In 2020, meanwhile, a ransomware attack against Düsseldorf University Hospital resulted in a 78-year-old patient being diverted to another facility, where she later died.
In the UK, the NHS has not been immune to the issue of cyberattacks either.
Indeed, a major cyberattack that occurred in August 2022 led to the outage of software used to access patient data across NHS 111, mental health trusts, community hospitals and out-of-hours GP services.
The disruption lasted weeks, resulting in significant safety risks such as patients being prescribed incorrect medications and dosages.
DSPT: What are health organisations required to do?
The motivations from threat actors targeting health organisations are often financial.
Healthcare is undoubtedly the highest-stake industry – people’s lives are dependent on the ability to access services around the clock.
Therefore, if that service provision can be impeded, then attackers know they stand a good chance of extorting their victims for cash.
Statistics from Sophos’s The State of Ransomware in Healthcare 2023 report confirm this. Of the 73 per cent of healthcare organisations that had their data encrypted, 42 per cent reported that they paid the ransom requested by threat actors to recover their data.
In response, the UK government is implementing measures in an attempt to ensure that healthcare providers and their critical IT infrastructure become more robust in combatting potentially catastrophic attacks.
Much of this endeavour will culminate in a new 2030 strategy aimed at bolstering cyber resilience in healthcare, a key part of which is the updating of the Data Security and Protection Toolkit (DSPT).
While DSPT was originally introduced as a guide to support healthcare providers in developing an improved security posture and minimising risks, this has since become a mandatory evidence-based system, requiring NHS entities to align their practices with 10 National Data Guardian (NDG) standards.
Of course, such measures are intended for good: to enhance the ability of health providers to combat attacks.
However, these new rules are being introduced at a time when the NHS is already under immense pressure – from an operational and workforce perspective, but also from a regulatory standpoint.
Looking at the 2023 NHS Providers’ Regulation Survey, more than half of respondents feel that the regulatory burden on their trust had increased.
And that’s only set to be heightened with the demands of DSPT.
Spanning aspects including personal confidential data, training, data access management, incident response, process reviews, continuity planning, and IT protection, achieving compliance across all 10 standards is no easy task.
Therefore, it is vital that organisations leverage any key tools and support available to ease, accelerate and enhance their compliance journey.
But what solutions exactly should healthcare organisations be looking to embrace?
Key security features to prioritise
Enter security information and event management (SIEM) systems.
Built with the intent of helping organisations to detect, analyse, and respond to security threats before they harm business operations, these can be an immense help in addressing some of the major points of compliance listed in the NDG standards.
With that said, not all SIEMs are made equal.
When considering which SIEM to opt for, healthcare organisations should keep an eye out for several features.
First, they should opt for a solution that provides centralised log storage and big data platform capabilities that may scale to any organisation’s size.
Any data held should also be indexed and searchable, while platforms should uphold data privacy functionality and role-based access to log data.
A good SIEM will also help administrators to quickly identify and address dormant accounts via simple audits, enabling them to remove privileged user access when no longer required or appropriate.
Ideally, this would all happen in an automated manner.
Ease of use is another important consideration.
Readable dashboards, alerts and reports should clearly highlight potential issues such as failed logins and bad password management practices, with some SIEMs capable of leveraging machine learning to automatically identify and flag unusual behaviour patterns.
Fourthly, integration with other third-party threat feeds is vital in the modern day.
This will offer key insights into evolving threats such as new payloads or malicious domains, to which security teams can respond accordingly.
Embracing a converged SIEM is critical
It is not just about the features of a SIEM, of course.
Equally, it is important to consider support, scalability and cost.
Organisations should look to work with providers that can help to ensure their systems are effectively implemented and continually used in an optimal manner to maximise their investments.
Further, they should prioritise policies for which the price structure is based on the number of devices, making budget considerations easier and more transparent.
Of course, there is a lot to consider here.
Yet arguably the most important aspect is pursuing a strategy that is centred around a converged SIEM.
Critically, a converged SIEM allows organisations to take a holistic approach to security.
By prioritising the big picture over individual, isolated tools, firms will boost cost transparency and reduce the burdens on security teams faced with managing a variety of disparate solutions.
By streamlining operations, security professionals will be freed up to focus on embracing key practices that align more closely with DSPT standards, ensuring greater ease of compliance for already stretched healthcare organisations.
Enhancing empathy and outcomes: The impact of digital design and UX for rare disease communities
Exploring success: Intelligent fieldwork and Fearsome in usability testing
Europe’s dedicated event for neuro rehabilitation experts returns
100th patient undergoes Deep Brain Stimulation at The London Clinic
Free app for people with Parkinson’s receives charity funding
Listen: Transforming the NHS skin cancer pathway
SurgTech 2024 will shine a light on innovation across the surgical pathway
Trusts to use AI to reduce skin cancer backlog and increase efficiency
Times are hard, but trusts can still make positive IT choices
AI helps cut nuisance alerts for healthcare teams
- News3 weeks ago
Data migration and interoperability specialist ReStart appoints Lynette Ousby as CEO
- Diagnostics1 week ago
Lenus puts automation at heart of diagnostic pathways with CDC Heart Failure roll-out
- Digital health3 weeks ago
UK an attractive market for digital innovators – report
- Insight7 days ago
Transforming NHS procurement: How good data holds the key to integrated care