Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.

Cyber security for a digital-first health service

Acorn Newsbot

Junior Member
Joined
Jan 28, 2006
Posts
22,605
Reaction score
126
Despite major ongoing challenges, the UK’s healthcare sector is a world leader. We tend only to hear about the NHS in the news if something has gone wrong. In fact, in 2017 it was ranked the “best, safest and most affordable” healthcare system of 11 wealthy nations. But cyber threats remain a serious risk to stretched finances, patient welfare and reputation. WannaCry cost the health service £97 million and led to an estimated 19,000 cancelled appointments and operations. As systems become more digitised, they will become even more exposed to online attack.

The bottom line is, if healthcare bosses want to create a secure platform on which to drive much-needed digital transformation, they should look no further than the Domain Name System (DNS).

Going digital


It’s hard to generalise about the organisations that comprise one of the world’s largest employers. But it’s true that most IT systems have expanded organically over the years meaning modern and legacy technologies often sit side-by-side. Although a new deal will see Windows 10 rolled out across the health service by 2020, some estimates claim as many as 60% of NHS organisations still use Windows XP. Yet on the other hand, many trusts are accelerating efforts to go paper-free by digitising patient records.

But in digitising, we also offer opportunities for hackers to steal those records. How could they do this? By exploiting vulnerabilities in those operating systems, or even in healthcare workers themselves. The NHS has a large, mobile workforce operating under tremendous pressure. That makes it much easier to trick distracted users into clicking on a phishing link in an email or opening a malware-laden attachment. NHSmail hosts around 1.2 million accounts: that’s a lot of potential victims.

Newly connected IoT devices could also represent a risk. Yes, smart beds, drug infusion pumps and other devices offer hospitals an opportunity to become more efficient and cost effective, and offer a higher quality of patient care. But if left unpatched and unprotected, these systems could also provide a ready-made entry point into the hospital network where patient data is stored, or could even be hijacked themselves or locked down with ransomware. One report claims that nearly a third (30%) of trusts have been affected by ransomware.

The bottom line


So what’s the potential impact of cyber threats on healthcare organisations?

Financial: IBM claims that globally, the average cost of healthcare records ($408) is higher than any other industry. That’s not to mention the cost of ransomware outages or regulatory fines.

Reputational: Any major attack or breach could impact the organisation’s reputation, potentially leading to job losses at the C-level.

Patient care: As WannaCry showed, threats in the online world have the potential to impact the physical world. This will only grow with the expansion of the IoT.

Regulatory: The GDPR both expands the scope of personal data HCOs need to protect and introduces tough new penalties for non-compliance of up to £17m or 4% of turnover. Security must be built into systems “by design and default” and any breaches must be reported within 72 hours.

Time for DNS-based security


Given the risks facing healthcare firms, effective cyber security is clearly a must. But how many organisations have thought about plugging in security defences into their DNS layer? The DNS is known as the “phone book of the internet” — converting domain names to IP addresses so internet-connected machines can communicate with each other. Because it’s a vital part of any organisation’s IT infrastructure, it’s often left running in the background, without any firewall protection.

This is a mistake. Hackers have a wealth of techniques at their disposal to utilise design “flaws” in the DNS to launch phishing attacks, malware, communicate with infected machines and steal data from your organisation. It’s time we focused on this layer with effective security, because with the right approach, DNS can also provide a fantastic early-warning system for attacks — allowing you to detect and block threats before they can make an impact.

That’s what Nominet provides to healthcare organisations via two offerings: NTXprotect and the fully managed service, NTXsecure. By monitoring outbound traffic for the smallest signs of malicious activity, they can protect your network against command-and-control malware, phishing, botnets, cryptomining, data exfiltration and much more. What’s also powerful is the ability to negate those threats before they harm your users and systems.

That’s good news for your organisation, your patients and the bottom line.

Download whitepaper

The post Cyber security for a digital-first health service appeared first on Nominet.

Continue reading...
 

The Rule #1

Do not insult any other member. Be polite and do business. Thank you!

☆ Premium Listings

Sedo - it.com Premiums

IT.com

Premium Members

Acorn Domains Merch
MariaBuy Marketplace

Domain Forum Friends

Other domain-related communities we can recommend.

Our Mods' Businesses

Perfect
Laskos
*the exceptional businesses of our esteemed moderators
General chit-chat
Help Users
  • No one is chatting at the moment.
  • Helmuts @ Helmuts:
    @Admin please enable the chat visible to unregistered users, or who haven't signed in their accounts. Tx
  • Helmuts @ Helmuts:
    please
    brave_qptn86fptt-png.4616
  • D AcornBot:
    DLOE has left the room.
  • Helmuts @ Helmuts:
    also, please keep the restriction in regards to posting > posting permission should be available to members only
  • Daniel - Monetize.info @ Daniel - Monetize.info:
    Welcome everyone!
  • Helmuts @ Helmuts:
    @Daniel - Monetize.info
    chrome_8fedcfysiy-png.4617
    .. can you see this one?
  • Helmuts @ Helmuts:
    nice, isn't it? :)
  • alan AcornBot:
    alan has left the room.
    • Wow
    Reactions: Jam
  • alan AcornBot:
    alan has joined the room.
  • alan AcornBot:
    alan has left the room.
  • alan AcornBot:
    alan has joined the room.
  • Helmuts @ Helmuts:
    Hi Alan
  • Helmuts @ Helmuts:
    long time no see
  • Helmuts @ Helmuts:
    hows parachute doing?
  • Helmuts @ Helmuts:
    :) huhhh.. Joe Rogan has just published an interview with Donald Trump
    To view this content we will need your consent to set third party cookies.
    For more detailed information, see our cookies page.
  • Helmuts @ Helmuts:
    almost 3 hours..
  • Helmuts @ Helmuts:
    morning all :)
  • Helmuts @ Helmuts:
    .. is anyone going to domain day in Dubai or icann Turkey?
    • Like
    Reactions: gdomains
  • boxerdog AcornBot:
    boxerdog has left the room.
  • Helmuts @ Helmuts:
    Greetings from Istanbul, Turkey!
  • alan AcornBot:
    alan has left the room.
  • C AcornBot:
    cav has left the room.
      C AcornBot: cav has left the room.
      Top Bottom