News in the Channel - issue #16

SECURE NETWORKS IN THE HEALTHCARE SECTOR

Health check With healthcare settings now producing huge amounts of data, they are becoming an increasing target for cyberattacks, which means that network security needs to be a focus – and this presents opportunities for resellers.

The recent ransomware attack that affected NHS Dumfries and Galloway, which is currently being investigated by Police Scotland and the NCSA, highlighted the threats that healthcare networks can come under. While on this occasion, there was no direct risk to life, there were concerns that confidential data had been exfiltrated. Richard Staynings, chief security strategist for Cylera, notes that healthcare networks are subject to all kinds of ransomware attacks. “They are chronically underfunded in terms of cyberdefences,” he says. He adds that they are targets for multiple actors, from cybercriminals to aggressive states out to make an impact through sending political messages. “And so, consequently, the industry faces a challenge to protect itself.” The reason why they are such targets is simple; Richard notes that the NHS is the world’s largest producer of data. “Particularly protected data that is regulated and therefore should be non-public under the law,” he says. “It therefore requires massive amounts of storage for that data, which is growing in an almost exponential clip; approximately 30% of the world’s data volume being generated by the healthcare industry alone. Keeping that secure while in transit and at rest is obviously a massive concern. And that requires large amounts of hardware.” Richard adds that another problem is that

some of the architecture used in the NHS is old and requires updating and replacing, especially as more medical applications move to the cloud. “Patients have more access to their medical records, their GPs, pharmacies and other medical providers, and need to be able to access that via a portal or a mobile app,” he says. “That is also adding to bandwidth constraints. Then we’ve got the original architecture of those local area networks in hospitals which are flat, whereas in many other industries, they’re segmented.” Security challenge Another problem is that the systems were never designed with security in mind, Richard adds. “This has been compounded by a move of applications to the cloud and by the rise in popularity of SSE and SASE- based networks, which are edge-based rather than call-based,” he says. “We’ve seen some university hospitals in London that have moved to an edge-based network successfully. Others are still in the old network topology of hub and spoke-based networking. But the nature of what is connected to the network is significantly changing our design and hardware and software requirements for networking. The technology has moved to software defined networking from all the major network providers, led by Cisco, which dominates most hospital systems around the world, particularly the NHS.” Neil Langridge, marketing and alliances director at E92, adds that the huge growth of network and internet connected devices in healthcare has given rise to increased challenges in cybersecurity. “It’s not just from the usual concerns around data breaches and ransomware,” he says. “Healthcare is one of the leading industries in the adoption of operational technology (OT), and the connected devices outside of traditional IT. Indeed, the IoMT (Internet of Medical Things) is expected to reach a market value of $187 billion by 2027. From medical imaging devices to refrigeration to critical power supplies, the modern hospital is increasingly digital. And that

Richard Staynings

cylera.com

Approximately 30% of the world’s data volume [is] being generated by the healthcare industry alone. “ ”

44

Powered by