Last week there was a coordinated cyber attack that hit over 150 countries and caused significant outages in organizations across industries. The hardest hit industry was in Healthcare, especially in the UK where the NHS Trust hospitals were severely affected. As the attack spread around the globe, Administrative and IT departments rushed to fortify defenses for their organizations, often with the simple instruction to “unplug everything” which led to additional collateral damage and loss of services. This strategy, while effective, often causes as much disruption for organizations as the actual attack.
Many organizations simply do not have the tools in place to give them the ability to see what is happening on their network in real time so they feel they have no choice but to use a brute force defense to protect themselves. While every organization thinks they are managing the security requirements of their IT and network environments adequately, the simple truth of the matter is that they are not. Security strategies are often piecemeal and encompass only certain high-visibility parts of an organization’s environment. This strategy may have helped in the past but it simply does not work today.
It’s critical that organizations have comprehensive security strategies in place that encompass all aspects of their organizations from their network, both wired and wireless, to application intelligence and control, IoT security, and edge security. This is especially true in healthcare, which has become the most targeted industry and has seen an increase of over 300% in direct cyberattacks over the past 18 months. Part of the reason for this increase is that individual medical records are worth three times as much as individual records in other industries, including finance. The other is that most healthcare organizations would not get a grade above a C- in terms of their preparedness and security strategy for their organization. This is especially worrying because when organizations like Fed-Ex, Renault, and Telefonica get hit there are direct financial implications due to loss of services, but when healthcare organizations such as the NHS in the UK are hit, not only are there financial implications but direct clinical and patient safety implications as well. Hospitals that have to suddenly revert from being completely digital back to manual and paper can slow workflows down by 50% or more. We need to remember that when this happens there are nurses and clinicians who remember what this paper workflow looks like, but now there are entire generations of clinicians who have never had any experience other than a digital one during their careers. This leads to more slowdown as these digital native clinicians are adjusting on the fly during these emergencies.
Healthcare organizations, as well as other organizations, must establish more formal Information and Security Governance strategies that encompass all aspects of their environment. We live in a world where a small group of attackers, who have still not been identified, affected millions of people with this single attack, an attack that could have been much worse. The United States was spared most of this attack because the spread of the malware was accidentally stopped by a malware blogger out of the UK. With the amounts of money involved organization must expect these types of attacks to increase and get more sophisticated. The next attack may not come in through an email with malware but could instead originate from an unsecured connected device like a printer or camera inside of an organization. Information and Security Governance as a strategy formalizes a methodology for looking at every part of the environment. As manufacturers, we must do our best to enable our partners with the ability to better protect themselves in what has become an increasingly dangerous world, where small numbers of people with minimal resources in the digital world can impact millions of people in the real one.
To learn more see 7 Steps for Protecting Your Organization from Ransomware.