CS Mar Apr 2022
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
NHS breaches<br />
industry would greatly benefit from understanding<br />
who is likely to attack them and<br />
how, he adds. "It is also critical for the<br />
healthcare sector to strike the right balance<br />
between usability and security. Any chosen<br />
solutions should improve security posture,<br />
while minimising the impact on service."<br />
First, healthcare organisations should<br />
ensure that they have offline backups and<br />
strong encryption in place, Prudhomme<br />
recommends. "The best form of defence<br />
against threats like ransomware attacks is<br />
to eliminate the opportunity of paying a<br />
ransom demand. Ransomware gangs have<br />
learnt that backups are the best form of<br />
defence against their attacks and strong<br />
encryption is going to make it nearly<br />
impossible for them to leak the data."<br />
Healthcare organisations can look to<br />
technology such as threat intelligence to<br />
shed light on the tactics, techniques, and<br />
procedures (TTPs) of threat actors and get<br />
the heads up on threats before they<br />
actually happen. "This allows them to tailor<br />
their security strategy accordingly," he adds.<br />
"When healthcare organisations understand<br />
who may attack them and how they could<br />
do it, they can put security measures in<br />
place that are effective, but minimise the<br />
cost."<br />
CRIMINAL SUCCESS NOT A GIVEN<br />
While attacks are inevitable, criminal<br />
success is not, comments David Sygula,<br />
senior analyst at CybelAngel. "The trouble<br />
is that organisations are big and there is a<br />
lot of data in many hands. Organisations<br />
often don't realise that they've left sensitive<br />
data exposed and therefore believe they're<br />
completely secure." There are several ways<br />
that organisations can unintentionally<br />
leave data vulnerable to cyber theft, such<br />
as exposed databases, forgotten databases<br />
and third-party weaknesses.<br />
"Over time," he states, "we've noticed that<br />
a major cause of exposed cyber records is<br />
human negligence, either because of skill<br />
shortages, overwhelming workloads or lack<br />
of visibility. "To keep data secure, teams<br />
must stay on top of patching, although this<br />
can be complicated and time-consuming.<br />
Additionally, if the open API access is<br />
misconfigured, then all efforts will go to<br />
waste and the data will be left exposed<br />
anyway. One wrong move could result in<br />
devastating consequences."<br />
Looking beyond the initial fear of losing<br />
sensitive data, once an attacker gains<br />
access to the network they will endeavour<br />
to keep their foothold so they can breach<br />
more data. "No part of the system will be<br />
safe," warns Sygula. "It can be hard to tell<br />
which areas of the network are infected.<br />
Even if the initial point of entry is discovered,<br />
criminals can navigate undetected,<br />
causing major damage before they are<br />
finally discovered."<br />
GETTING THE BASI<strong>CS</strong> RIGHT<br />
An effective security strategy must be built<br />
on strong foundations - which start with<br />
getting the basics right, he adds.<br />
"As patching systems are a crucial element<br />
of securing data, organisations must ensure<br />
the necessary training is provided to avoid<br />
human error, especially if there is a skills<br />
shortage. Additionally, IP scanning solutions<br />
can help identify existing data leaks and<br />
which databases, cloud storage or network<br />
storage devices need priority action." The<br />
final step, he points out, is automating this<br />
process, so that incidents are handled<br />
quickly and efficiently.<br />
"Digital risk solutions are available to<br />
disrupt their kill chain by blocking the<br />
footholds that attackers rely on," Sygula<br />
concludes. "Organisations will be able to<br />
uncover existing exposures and correct any<br />
weaknesses within databases before any<br />
damage is done. This increased visibility is<br />
vital for maintaining and strengthening<br />
defences - and keeping attackers out."<br />
Paul Prudhomme, IntSights, a Rapid7<br />
Company: it is critical for the healthcare<br />
sector to strike the right balance between<br />
usability and security.<br />
Ronan David, EfficientIP: the Domain Name<br />
System is ultimately being used as a path for<br />
cyber criminals to launch cyberattacks.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Mar</strong>/<strong>Apr</strong> <strong>2022</strong> computing security<br />
27