Forewarned is forearmed: in an ever more connected world, how can you safeguard your patients and your organisation?
A more connected world
From browsing the internet while out walking to tweeting at conferences, we’re increasingly living online. Many of us value this convenience and ease of accessibility, and as we all know, a more connected world has many advantages, whether making us more available to family, friends and colleagues to being able to find information on almost anything, at work or during our leisure time.
Across industries such as retail to banking and manufacturing, technology is helping boost sales, increase productivity and deliver more convenient services to customers. And within health and care, patients, clinicians and care organisations are enjoying the benefits of virtual consultations, digital patient records and online appointment booking systems.
Unfortunately however, being more connected also introduces many new threats. In our personal lives for example banking, shopping and other data are highly prized by hackers and the effects of identity theft or stolen bank details are not only inconvenient, but can be life changing. Industry is also being targeted, particularly public sector organisations. Healthcare is second only to education in terms of vulnerability to attack, with both well ahead of government, retail and finance.
Held to ransom
Then there is the increasing prevalence of new threats like ransomware, which demonstrate that both attackers and their tools are becoming increasingly sophisticated. Unfortunately, they are also becoming easier to use, meaning that they are no longer the exclusive preserve of seasoned cyber criminals.
Not surprisingly, many organisations are struggling to respond, especially as the threat domain is constantly evolving. And with the next wave of connected devices, the Internet of Things (IoT) means billions of elements will be connected.
While this connectivity will doubtless derive many benefits, it will also introduce new ‘back doors’ and more potential breaches. Within the hospital or clinic, connected medical devices, and third-party equipment and systems all open up new areas of attacks, while externally telehealth wearables, telemetry equipment and a new breed of health apps all present substantial security threats alongside their benefits.
And in July 2016, Dame Fiona Caldicott’s review into security and information governance in the NHS called for tougher penalties and more stringent data and information controls, including an improved Information Governance Toolkit (ITK), stronger cyber security controls, data protection enhancements and harsher penalties for malicious data breaches.
Tackling the top ten
Email, web, social, mobile and malware – the threat domain has increased and evolved and the number of healthcare data breaches is growing. The bad news is that all the traditional threats still exist too; human behaviour, legacy system patching, cultural issues and lack of relevant IT skills. Furthermore, traditional approaches to information governance and security are no longer enough to safeguard health and care organisations. The focus used to be on preventing attacks, but a more pragmatic approach is now needed to tackle this vast and varied threat domain.
The good news is that Cisco has identified ten security challenges that are common to health and care organisations in our new guide to securing digital health and care communities. We have also examined how to address these challenges through solutions that help to create a robust security system that protects your patients, staff and organisation.
Over the next few weeks, we’ll tackle each challenge and help you on the road to a healthy organisation.
There’s never been a better time to review your security requirements. Start here with Cisco.Tags: