eHealthNews.nz: Information Governance

Cybersecurity a priority for the Ministry

Tuesday, 31 July 2018  


Picture: Ministry of Health chief technology and digital services officer Ann-Marie Cavanagh

Digital Vision: A regular column by Ann-Marie Cavanagh

Reports of high numbers of cyberattacks can be alarming, but the issue is not how many attacks are blocked; it is whether systems prevent them from becoming breaches.

The health sector is an attractive target for hackers and cyber-criminals, and challenges to our organisations’ cybersecurity are real.

Like most large organisations, the Ministry of Health is on the receiving end of more than a million attempted cyber intrusions each week. That number sounds colossal, as if the Ministry is constantly the subject of targeted attacks by malicious actors. So what exactly are we counting?

While there are certainly a number of what we would consider attempted cyberattacks, there is a far higher number of malicious connection attempts which are regularly and routinely blocked by our IT systems.

Our email security systems are also constantly blocking or filtering emails that may contain malware or phishing attempts – and these attempts count towards the total number of attempted cyber intrusions the Ministry records against its own systems.

It could be that other organisations reporting a larger number of cybersecurity events are recording all traffic hitting their firewall, at which point the malicious attempt is blocked. The majority of cyber-intrusions recorded could be something as simple as a bot scanning for vulnerabilities within systems or devices. Another organisation could be measuring actual threats or attacks that have affected their organisation.

Differences in what is counted provide vastly disparate numbers and make comparison difficult between organisations.

Breaches, not attempts, indicate vulnerability

What is most important to note when looking at the number of attempted cyber-intrusions is not the figure showing how many attempts have been recorded – but how many actual breaches occurred. Experiencing a large number of cybersecurity events or attempts isn’t an indication of whether an organisation is vulnerable or has been infiltrated.

No matter how robust the technology or processes an organisation has in place, we can never be complacent – cybersecurity is a sophisticated and evolving environment, and it can be a different threat each time.

All organisations within the health sector need to remain vigilant, and constantly update their people, processes and technology to ensure their systems are fit for purpose.

For any organisation, protecting the data it holds is of paramount importance. New Zealanders’ health data, held by various organisations throughout the sector, is by its nature sensitive and personal. Any unauthorised access to this information by malicious actors would be hugely distressing to any individuals affected by a data breach, and the sector is incredibly focused on ensuring the privacy and security of health data.

The bigger threat to the health sector from cyber criminals is that of attacks like ransomware, which can compromise entire systems and all devices linked to or run by computers.

We are not alone in facing these threats – health systems around the world have the same challenges. The WannaCry virus just last year crippled the UK’s National Health Service, showing what can happen if computer and information systems are compromised in clinical situations.

Ministry approach to cybersecurity

While each district health board manages its IT systems individually, the Ministry of Health works closely with the sector to ensure all relevant information about cyber-risk management is shared.

Post-WannaCry, the Ministry invested additional resources into cybersecurity – including an extra three IT security specialists, and a sector-wide cyber-event response plan.

The Ministry has increased our communications with DHBs about potential threats and aims to provide functional leadership, good practice standards and guidance and support across the health sector.

Every health sector entity is not just responsible, but accountable, for the cybersecurity of their systems and networks – they need to be fit for purpose. Cybersecurity is now part of the routine work of all DHBs and other health agencies and requires regular updates in maintaining the organisation’s digital health and safety.

Both the Ministry of Health and DHBs are also guided by the Health Information Security Framework, which gives specific advice on actions to prevent cyberattacks and steps that can be taken that assist with recovery after any attack.

All of this, especially with its unfamiliar and often technical terms, can be confusing and appear to be cause for alarm – especially when large numbers of cyberattacks are talked about, which can make it seem like organisations are subject to near-constant targeted attacks.

Benefits outweigh risks

Threats to cybersecurity are the cost of doing business in a contemporary online environment. While it is not without risk, the benefits of having our health information and data connected up in these systems are apparent in the way the data can be used to help patients, clinicians and policymakers.

Patient safety and security, including the protection of data and information, is the Ministry’s number one priority and we will continue to work on our own system and with others to ensure we are always as secure as possible in this ever-changing environment.

Ann-Marie Cavanagh is the Ministry of Health’s chief technology and digital services officer.

