ehi LIVE is the UK's number one show for all those involved in digital health, hospital information, cyber security and healthcare innovation.
As traditional crime rates continue to fall, cyber crime is heading in the other direction, while the IOT’s is multiplying the vectors of possible attack. So why the NHS? A white paper recently published by the institute for critical infrastructure technology (ICIT) has concluded the Healthcare Sector is the most vulnerable and least equipped to defend against such events. These systems are critical to our day-to-day life and cyber-attacks on the NHS affect us all. Cyber criminals know this and they also know the constraints placed on the NHS through a lack of funding. This makes the NHS a “soft target” and a particularly lucrative one too, this is why we have seen huge ransomware campaigns directed at NHS trusts nationwide.
A 2016 threat report by a leading Security Vendor discovered more than 430 million new unique pieces of malware in 2015, which is up 36% previously. Together with continued growth of existing ransomware campaigns the frequency of these attacks virtually doubled in 2015.
Businesses have been focusing on building security infrastructures to keep out increasing numbers of external threats, unfortunately many have been blind to threats that penetrate the network from the other direction. These internal threats come from employees, patients, and even contractors, being attacked by threats from what is considered “friendly devices” inside the perimeter. However, the employees themselves often do not possess the sense or the know-how for “dangerous” devices. The devices used are usually not conceived for the use in a company and thus they are not easily and centrally manageable. Allowing for just certain devices opens the access to all others, if no corresponding control instance is implemented at the same time or even before. This instance is called Network Access Control. Bearing these new trends in mind, organisations need to boost their security strategy and protect the vast networks that provide our critical applications and data sources.
macmons network access control (NAC) resides at a central location providing you with total visibility of every device that is on your network. Integrating extensively with third party security solutions to enhance their capabilities. Intrusion prevention, vulnerability management and security information and event management systems can all be integrated with macmon to provide full contextual security awareness of your network and the ability to react in real time. Providing you with the defences you need be it external or internal thus being wired or wireless.
macmon’s compliancy technology can help mitigate risks significantly by allowing NHS trusts to proactively monitor Windows Updates and react in real-time to virus outbreaks. Checking devices as they enter the network to ensure the latest anti-virus is in force on the device or taking the necessary course of action.
Threats to the NHS are not only external, NHS trusts have significant risks in regards to insider threats. Healthcare records have fast become the most valuable item sold in the cyber underworld, they contain all of the most important information about an individual (national insurance numbers, date of birth, next of kin, home addresses and patient medical history). All of this information can be used to coerce, impersonate and attack patients. The majority of data breaches worldwide are due to the exploitation of incorrect privileges on the network. macmon’s VLAN management technology limits devices to their specific network segments and extensive reporting features let you see which devices have accessed particular network segments and when. For each device the information is available, regarding which switch, which port or which access point it is operated on. These Details are mandatory to efficiently react to unknown and undesired systems and components. Thus eradicating tedious daily network tasks.
Additionally and not at least, macmon’s hybrid technology strategy allows you to always cover the entire network instead of part, without having to deploy anything except the central server. Especially in critical areas like surgery rooms, network availability is mandatory. This means, depending on the business task of each specific network area, macmon is able to deliver a high level of security by segmenting the network and controlling the connected devices, while the NAC Server itself does not cause any dependencies. DIN EN 80001-1 as a result is supported massively.
Whilst it is of paramount importance to protect the network from attack it is also critical to have the tools in place to deal with a real time threat. Threat to response time being crucial to the impact and performance of your network. macmon provides you with a reduction of administrative effort.
macmon is protecting NHS trusts in the United Kingdom and healthcare providers across Europe. Our smartly simple approach protects valuable medical & patient data from malicious and non-malicious data breaches.
With evolving cyber threats facing the NHS and other healthcare organisations, addressing cyber security must be a priority for all organisations handling patient records and sensitive data.
The Infection Prevention Society elaborates on why effective hand washing, as well as a few other simple measures, can make all the difference in preventing winter infections.