WannaCry – Why cyber resilience is just as important as cyber security?

In our modern, digital age, technology is constantly evolving at a quicker rate than security solutions are being developed, enabling cybercriminals to carry out attacks more easily and more frequently. This means it’s not a matter of if an organisation will experience a cyberattack, but rather when.

Although cybercriminals attack organisations for many different reasons – money, data, intellectual property – a common consequence is operational disruption. Therefore, on top of cyber security preparations which focus on the prevention of attacks, organisations also need to start creating cyber resilience strategies which focus on recovering from attacks.

The WannaCry ransomware attack

In May 2017, the WannaCry ransomware attack was reported in 99 countries. Due to the nature of the attack, it caused major operational disruption until payments were made.

In the UK, WannaCry manifested itself quickly within the health industry – in particular the NHS’s outdated digital infrastructure. At least 34% of NHS trusts in England were affected and experienced disruptions to patient care as a result, such as cancelled appointments, diverted ambulances and inaccessible phone lines.

Data protection issues

As mentioned before, organisations will experience some form of cyberattack. In fact, in 2016, there was a 250% growth in ransomware attacks alone and, based on the headlines from last year, 2017 was worse than 2016.

With developments in technology, an increase of Internet of Things (IoT) devices (such as patient monitors, CT scanners, CCTV, printers, etc.), outdated security and a lack of individual awareness surrounding cyber security amongst staff, healthcare organisations should assume they will be breached.

Therefore, it’s essential that, along with simple cyber security measures and an increase in staff training, healthcare organisations also need to introduce a robust cyber resilience strategy to minimise operational disruption and ensure a quick recovery from any breach.

Cyber security versus cyber resilience

Up until now, cyber security has been the main focus and, with the introduction of legislation such as the General Data Protection Regulation (GDPR), organisations are concentrating even more on creating processes to protect their data.

However, as we’ve now reached a point where cyberattacks are almost impossible to prevent, this focus needs to shift towards cyber resilience. Cyber resilience brings together cyber security and business continuity to help organisations protect against a breach and to ensure their survival following an incident.

What can you do?

Healthcare organisations need to take control of their own cyber resilience on two levels, by being:

• Aware of threats and consequences.
• Financially prepared to prevent and deal with attacks.

Instead of focusing solely on preventing attackers from accessing a network, they need to create a strategy that reduces the impact of a breach if one does occur. Standard, reactionary and preparatory processes also need to be defined and implemented across both internal and external systems.

Being prepared for the aftermath of a cyberattack is the only way healthcare organisations can protect their patients, their staff and their suppliers, whilst also ensuring they meet regulatory requirements and reduce financial, reputational and operational losses.

Although cyber security and cyber resilience programmes won’t prevent all cyberattacks, the resulting consequences – like those experienced during the WannaCry attack – can be mitigated altogether.