One in eight people in the UK have had personal medical information stolen in cyber-attacks from supposedly secure systems, according to research.
And current security frailties in the healthcare sector are only the tip of the iceberg, says Eileen Haggerty, senior director of Netscout.
Digital transformation has changed the value of patient information as we move to a data-driven economy.
But as patient medical records become currency, they also present a danger when it comes to network breaches, down time, and overall patient care.
“In an industry where business as usual means saving people’s lives, it’s not enough to be purely reactive to issues on the network as and when they arise,” said Haggerty.
Eileen Haggerty, senior director of Netscout
“[Stolen information] contains sensitive information that can endanger an individual. If these are accessed, altered, or deleted it can mean gravely serious consequences.”
Heading up Netscout’s Enterprise Business Organization, which focuses on the healthcare market, she believes medical records need an added ‘layer’ of security compared with other stored data.
Haggerty added: “You can’t protect what you can’t see. The first step in protecting patient data is visibility.
“It is vital to take a proactive, or even a preventative, approach to monitor and analyse traffic at critical points throughout the wired and wireless healthcare environment.
“This will provide visibility before, during and after disruptions occur, enable rapid response with the details necessary to isolate and resolve.
“Second step in protecting patient data is to ensure superior analytics are available.
“Another important component of this is to ensure the analysis is complete.
“This will mean being able to recognize the many services in a healthcare environment from the unique services they depend… so when something nefarious is added, it is easier to identify.”
Last week, the NHS was hit by a global cyberattack described as the biggest ransomware outbreak in history by Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure.
“Ransomware is certainly the most widely publicized problem today for a hospital,” said Haggerty.
“With the advent of connected devices and the IoT, smart beds, monitors, even dialysis machines have the potential to be hacked, meaning potential DDoS attacks on hospital, resulting in critical problems for that organisation.
“This is a business where success is measured in lives saved, so the problems that such unsecured systems pose are more important than many other industry areas.
“However, a way to combat this is having a tool that allows complete, in depth and real time analysis of every layer of your network, including connected devices and network layers, wired and wireless environments. Any anomalous traffic can then be examined and dealt with before, rather than as, it becomes a problem.
“Healthcare technology, in its current form, is prevention rather than the cure. It’s got the potential to address the issues faced by the NHS by making it quicker, easier, and safer to treat patients.
“But it can’t happen without the NHS, and all other healthcare organisations, learning to take the pulse of the IT networks that power the applications and services they’ve come to rely upon.”
“Security is a vital concern. These networks cannot be breached as they hold incredible amounts of sensitive information.
“The network can’t be allowed to suffer performance issues either. Otherwise those same applications that doctors and nurses have come to rely upon won’t function like they should.”
Netscout is a global market leader for business assurance provisions, which is a combination of service assurance, cybersecurity and business intelligence solutions.