This site is intended for health professionals only
Sunday 19 November 2017
Share |

Is your practice ready to respond to a cyberattack?

In the aftermath of the largest cyber-attack that hit the NHS in May 2017, IT professionals in the UK are unsure their organisations will be able to face another attack

One in 4 (23%) of healthcare IT professionals in the UK revealed that they do not think their organisation will be able to deal with cyberattacks, a new report by Infoblox has shown.

About 305 healthcare IT professionals in the UK and US (152 and 153 respectively in each region) took part in an online survey, which was conducted by the polling company Censuswide.

Around 85% of the UK respondents said that their organisation has a plan in place to respond to a cyberattack.

Many organisations are implementing more effective security measures in the aftermath of the largest cyber-attack that affected the NHS in May 2017, known as the WannaCry ransomware attack.

About 34% of NHS England’s trusts were affected by this attack, including 595 GP practices, according to an investigation by the National Audit Office.

Director of Western Europe at Infoblox Rob Bolton said: ‘The healthcare industry is facing major challenges that require it to modernise, reform and improve services to meet the needs of ever more complex, instantaneous patient demands.

‘It’s crucial that healthcare IT professionals plan strategically about how they can manage risk within their organisation and respond to active threats to ensure the security and safety of patients and their data.’

Increased cybersecurity

The Infoblox report showed that 85% of health organisations have increased their cybersecurity spending and around 12% of them have increased it by over 50%.

The report pointed out that health organisations often choose traditional security solutions, such as anti-virus software (61%) and firewalls (57%).

However, following a growing concern about cyberattacks, healthcare organisations have started looking for alternative security measures. Among these, 50% of the organisations invested in network monitoring to spot malicious activity; one third choose Domain Name System (DNS) Security Extensions, which help to disrupt Distributed Denial of Service (DDoS) attacks and data exfiltration; 37% invested in application security.

A few tips from the Infoblox report

In order to be prepared to face the next cyberattack, Infoblox suggested a few recommendations for healthcare organisations.

· Organisations should be aware of the devices that are connected to their network, and of the operating system they use. Network monitoring is a good system that can help IT professionals to identify anomalous behaviour in the network;

· Although some organisations still operate with outdated versions of Windows XP, healthcare IT professionals should have a plan to update operating systems to supported versions;

· Organisations should also have a plan of action ready to respond to any cyberattack in the future, to minimise disruptions in the service.