Infoblox report finds 1 in 4 UK healthcare IT professionals arenโ€™t confident in their organisationโ€™s ability to respond to cyberattacks

New report examines whether the healthcare industry is prepared to combat evolving cyber threats.

London, UK โ€“ 14 November 2017 โ€“ Infoblox Inc., the network control company that provides Actionable Network Intelligence, today announced new research that revealed one in four UK healthcare IT professionals arenโ€™t confident in their organisationโ€™s ability to respond to cyber attacks.Technology is booming in healthcare organisations with digital transformation policies leading to increased adoption of connected medical devices, big data analytics for faster and more accurate diagnoses, and paperless systems for the easy exchange of patient information.

As technology becomes more ingrained into core healthcare offerings, there is an increased threat of cyber attacks disrupting services, stealing sensitive patient data, and putting lives at risk. Infoblox commissioned a survey of UK and US healthcare IT professionals to gain a better understanding of whether the healthcare industry is adequately prepared to combat this evolving threat.

Infobloxโ€™s report Cybersecurity in healthcare: the diagnosis reveals:

Ready for ransomware

Following the significant disruption caused to the NHS by WannaCry in May 2017, many healthcare organisations are preparing themselves for further ransomware attacks. One-quarter of participating healthcare IT professionals reported that their organisation would be willing to pay a ransom in the event of a cyber attack. Of these, 85 percent of UK respondents have a plan in place for this situation.

Dangerous operating systems

The number of connected devices on healthcare organisationsโ€™ networks is exploding, with 47 percent of the large healthcare organisations surveyed indicating that they are managing over 5,000 devices on their network. One in five healthcare IT professionals reported that Windows XP is running on their network, which has been unsupported since April 2014. 18 percent indicated that connected medical devices on their network are running on the unsupported operating system, leaving organisations open to exploitation through security flaws in these unpatched devices.
Patching outdated operating systems is impossible for the 7 percent of IT professionals responding that they donโ€™t know what operating systems their medical devices are running on. Even when the operating system these devices run on is known, a quarter (26%) of large organisations either canโ€™t or donโ€™t know if they can update these systems.

Investing against the threat

85 percent of healthcare IT professionals reported that their organisation has increased their cybersecurity spending in the past year, with 12 percent of organisations increasing spending by over 50 percent.
Traditional security solutions are the most popular, with anti-virus software and firewall the solutions most invested in over the past year, at 61 percent and 57 percent respectively.

Half of organisationsย have invested in network monitoring to identify malicious activity on the network; one third have invested in DNS security solutions, which can actively disrupt Distributed Denial of Service (DDoS) attacks and data exfiltration; and 37 percent have invested in application security to secure web applications, operating systems and software.

Rob Bolton, Director of Western Europe at Infoblox said: โ€œThe healthcare industry is facing major challenges that require it to modernise, reform and improve services to meet the needs of ever more complex, instantaneous patient demands. Digital transformation presents a massive opportunity to support the doctors and nurses who work tirelessly โ€“ but these new technologies also introduce a new cyber risk that must be mitigated. The widespread disruption experienced by the NHS during the WannaCry outbreak demonstrated the severe impact to health services that can be caused by a cyber attack. Itโ€™s crucial that healthcare IT professionals plan strategically about how they can manage risk within their organisation and respond to active threats to ensure the security and safety of patients and their data.โ€

The report includes a case study on how Geisinger Health uncovered malicious activity on its network and was able to quickly and accurately identify the offending device, containing the malware before it spread throughout the network.
Commenting on the event, Rich Quinlan, senior technical analyst at Geisinger Health, said: โ€œIn spite of all the conventional steps we take to protect our internal network, patient care could still be affected. We could have an entire hospital full of useless ultrasound devices because one was brought in with a virus and we have no control over them. And if it was able to exfiltrate data, we would have a compliance issue.โ€
The report also draws on the survey findings to provide actionable recommendations to healthcare organisation to better combat against the evolving cyber threat.

+ posts

Head of #Digital #Innovation @CompareTheCloud - Every Day #Creating #SilverLinings.

Unlocking Cloud Secrets and How to Stay Ahead in Tech with James Moore

Newsletter

Related articles

How AI is Transforming Customer Communication Management

Business communication has evolved over the years. Today, it's...

Investment Opportunities for Startups and Technologies in AIย 

Although artificial intelligence developed from niche technology has become...

Four Surprising Lessons I’ve Learned Leading Tech Teams

Techies. Geeks. Boffins. Whatever your organisation calls its IT...

A Business Continuity Cheat Sheet

Right, let's be honest. When you hear "business continuity,"...

Challenges of Cloud & Ultima’s Solution to Transform Business

With the way that AWS and Microsoft dominate technology...