- Given the worldwide threats to society and the cyberworld, how do we protect our healthcare systems?
We meet visiting speakers at #Rewired2022: Richard Staynings, globally renowned thought leader on cybersecurity and Chief Security Strategist at Cylera, and Phil Howe, Chief Technology Officer (CTO) at Core to Cloud to consider…
What are the current cyber threats to the digital healthcare sector?
Richard: We know that recent attacks have included an extensive list of crippling ransomware campaigns that have disabled entire national health systems like the Irish HSE in 2021, to the near bankrupting of large private US health systems, right through to causing small medical and dental practices to have to close-up shop. We know that the threats, given the current news, are only going to escalate.
Phil: We are all aware that these threats are ongoing. Ransomware, data hacker attacks and cyber extortion are highly destructive breaches that can cripple an organisation in minutes. The sophistication of the technology keeps on evolving. The scope to infiltrate a country or organisation right down to someone’s home means the threats are always there. As a case point example, WannaCry crippled much of the UK and other international healthcare systems.
Watch out! What do those in the industry need to be aware of to preserve digital healthcare systems?
Phil: An organisation must have a ‘whole’ approach to cybersecurity. Cyberespionage, cyber threats, cyberattacks, these are all real and alive. To keep it simple, cybersecurity is, in three simple steps: detect the threat, protect from danger, and stop the threat. However, cybersecurity solutions cannot be one-size-fits-all. There are nuances to consider from one organisation to another in analysing threats, data detection capabilities, and the type of protection.
Can you give an example?
Phil: The NHS is a notable example. It is a massive organisation. If you drill down to each hospital, they are multi-faceted organisations. As a case study, The Royal Bolton Hospital is renowned as a major hub within Greater Manchester for women’s and children’s services and is the second busiest ambulance-receiving site in the region. Luckily, WannaCry did not adversely affect the hospital as they were already working with Core to Cloud.
However, the checks following WannaCry identified an extra layer to protect the hospital’s medical devices. Healthcare IoT is advancing, and we must be prepared to tackle these cybersecurity challenges head-on to protect patient care and safety.
But it took the seriousness of this attack as an organisation to consider further protection from evolving threats?
From the lessons learned, and the seriousness of the WannaCry attack, the hospital knew they needed a solution that could understand the behaviours and patterns on the whole network, perform analytics, and automatically solve issues where necessary – they did not want to be underprepared.
Richard: This highlights a real response ‘whole’ approach to ensure every precaution to protect all systems within an organisation – while acknowledging that there is not just one solution to fight these heinous cybercrimes. Working in collaboration, Core to Cloud provided the solution to protect the connected MIoT networks and detect those accessing systems both approved and crucially not approved.
Phil: To expand, the hospital was already successfully implementing our Vectra and Pentera solutions, allowing them to detect threats in real-time and conduct tests to uncover exploitable weaknesses on the network. Today, most devices can connect to the internet, making them detectable on a network. With thousands of devices connecting to a hospital network 24/7, managing and securing the IT environment is becoming increasingly challenging.
Richard: The hospital needed a purpose-built, centralised solution for the medical devices that would not disrupt or jeopardise patients’ care yet solve the complex technological and operational cybersecurity challenges that hospitals face. Using Cylera, the only solution built entirely for healthcare IoT, Core to Cloud implemented a centralised cybersecurity solution, thus protecting the entire connected healthcare IoT environment. It now offers 360-degree visibility for all managed and unmanaged connected devices, identifying vulnerable devices and scanning IoT and medical devices. Crucially, this does not affect the asset and patient care while providing real-time detection that quarantines hostile threats with industry-leading accuracy rates to stop the attacks.
Phil: It is about future-proofing the healthcare systems to eradicate cyber incidents before they take hold. However, it is not about one solution but a layer of solutions in protecting, detecting, and stopping attacks.
Core to Cloud is the only UK supplier of Cylera products, and both Phil and Richard will be at Stand D21 during #Rewired2022 and welcome all conversations.
Other confirmed Rewired 2022 speakers include: