Somebody Fetch a Doctor: the NHS and Cybersecurity | CyberSecuritySpeak

Racepoint Global

Picture this: you are part of a hospital network that receives and treats over 1 million patients every 36 hours providing round-the-clock care and treatment as varied as X-rays, delivering new babies and organ transplants. And the patient number is growing year-on-year. In the local area, the hospital you work in provides care to the entire community is a life line for many patients who, for example, are elderly and unable to travel the distance to the next hospital.

In order to meet demand, and to save and improve lives in the local community, your hospital or local trust invests in an electronic patient system. Patient data including medical histories, appointments, operation schedules is stored on this network, and it is critically important for the daily running of the hospital. As a medical practitioner, you and your patients are reliant on this system.

And then it goes wrong.

Such was the case on May 12th, when the NHS fell victim to the most extensive ransomware attack to date. WannaCry ransomware diverted ambulances, stopped patients being issued vital medications, halted test results, and, crucially, rendered medical records inaccessible.

This isn’t something out of the film Hackers, this is the reality that healthcare providers are faced with every day. NHS trusts up and down the country were caught out with a cyber-attack management plan that was found wanting. And with healthcare data 10 times more valuable than financial data on the black market (not to mention lives being at stake) laxness when it comes to cybersecurity is not an option.

It has never been more pressing that critical IT infrastructures are protected. With the average data breach costing £4.25million and the human cost even higher, it’s critical that IT departments know their phishing scam from their proxy server, and their firewall from their IDS. Lives depend on it.

Vendors, this is where you step in. The need for security solutions in the NHS and beyond is clear but communicating to the buyers in this environment is a challenge. You need to show awareness of the pressure IT departments in hospitals are under – financial and operational – and an understanding of the current and future threat landscape.

We can help. If you’re going to be at InfoSecurity Europe this June and want to learn more about how to get your communications plan in order – or join one of our free PR Consultancy Clinics – get in touch on cybersecurityspeak@racepointglobal.com