Search Our Site

We have 3,557,162 registered online learners.
835 new learners so far today.

WannaCry – Why cyber resilience is just as important as cyber security?

schedule 11th April 2018 by James Heels in Virtual College

Cyber security medical laptop

In our modern, digital age, technology is constantly evolving at a quicker rate than security solutions are being developed, enabling cybercriminals to carry out attacks more easily and more frequently. This means it’s not a matter of if an organisation will experience a cyberattack, but rather when.

Although cybercriminals attack organisations for many different reasons – money, data, intellectual property – a common consequence is operational disruption. Therefore, on top of cyber security preparations which focus on the prevention of attacks, organisations also need to start creating cyber resilience strategies which focus on recovering from attacks.

The WannaCry ransomware attack

In May 2017, the WannaCry ransomware attack was reported in 99 countries. Due to the nature of the attack, it caused major operational disruption until payments were made.

In the UK, WannaCry manifested itself quickly within the health industry – in particular the NHS’s outdated digital infrastructure. At least 34% of NHS trusts in England were affected and experienced disruptions to patient care as a result, such as cancelled appointments, diverted ambulances and inaccessible phone lines.

Data protection issues

As mentioned before, organisations will experience some form of cyberattack. In fact, in 2016, there was a 250% growth in ransomware attacks alone and, based on the headlines from last year, 2017 was worse than 2016.

With developments in technology, an increase of Internet of Things (IoT) devices (such as patient monitors, CT scanners, CCTV, printers, etc.), outdated security and a lack of individual awareness surrounding cyber security amongst staff, healthcare organisations should assume they will be breached.

Therefore, it’s essential that, along with simple cyber security measures and an increase in staff training, healthcare organisations also need to introduce a robust cyber resilience strategy to minimise operational disruption and ensure a quick recovery from any breach.

Cyber security versus cyber resilience

Up until now, cyber security has been the main focus and, with the introduction of legislation such as the General Data Protection Regulation (GDPR), organisations are concentrating even more on creating processes to protect their data.

However, as we’ve now reached a point where cyberattacks are almost impossible to prevent, this focus needs to shift towards cyber resilience. Cyber resilience brings together cyber security and business continuity to help organisations protect against a breach and to ensure their survival following an incident.

What can you do?

Healthcare organisations need to take control of their own cyber resilience on two levels, by being:

  • Aware of threats and consequences.
  • Financially prepared to prevent and deal with attacks.

Instead of focusing solely on preventing attackers from accessing a network, they need to create a strategy that reduces the impact of a breach if one does occur. Standard, reactionary and preparatory processes also need to be defined and implemented across both internal and external systems.

Being prepared for the aftermath of a cyberattack is the only way healthcare organisations can protect their patients, their staff and their suppliers, whilst also ensuring they meet regulatory requirements and reduce financial, reputational and operational losses.

Although cyber security and cyber resilience programmes won’t prevent all cyberattacks, the resulting consequences – like those experienced during the WannaCry attack – can be mitigated altogether.

James Heels Author

Author: James Heels

James is a Learning Technology Advisor with a keen interest in healthcare, having worked in the healthcare industry for 5 years with a variety of system providers. In his spare time, he likes to play football, watch Manchester United and explore the countryside with his basset hound.

CPD
investors-in-people-silver
ISO 9001:2015
bcs-accredited-training-partner
Crown Commercial Service Supplier
LPI Accredited Learning Technologies Provider

Contact

+44 (0)1943 605 976

Virtual College

Marsel House

Ilkley

West Yorkshire

LS29 8DD

Awards for footer
Gold and silver award winners at the Learning Technologies Awards 2017 - including gold for excellence in the design of learning content.

Login

We are in the process of moving to one Virtual College website. If you want to go back to a course, or start a course, bought from our old website then you may need to login to our original learning management system. Otherwise, please proceed to our new learning management system to return to your training.

LMS

You are already logged in. Click the button below to be taken to your LMS dashboard. Alternatively, click logout to leave the system.