UK healthcare industry needs to bolster its cyber security measures

data breach

Clearswift’s latest research has highlighted a glaring deficiency in the UK healthcare industry’s cyber security measures

HelpSystems company Clearswift, which provides advanced content threat protection and data breach defence to critical national infrastructure organisations across the globe, conducted the research through Vanson Bourne – a technology research firm. The company polled 100 senior business decision makers from healthcare organisations in the UK, mapping the attitudes of businesses and employees relating to cyber security.

One of the most concerning figures that the research unearthed was that 67 per cent of healthcare organisations suffered a cyber security incident in the last 12 months, and that 48 per cent of the incidents occurred as a result of introduction of viruses/malware from third party devices, including IoT devices and USB sticks.

With the continuing uptick in IoT in healthcare, Clearswift notes that it is crucial that the industry focuses on securing these devices. And, what’s more, the poll also revealed that other key causes of security incidents included employees sharing information with unauthorised recipients (39 per cent), users not following protocol/data protection policies (37 per cent), and malicious links in emails and on social media (28 per cent).

Alyn Hockey, Vice-President of Product Management of Clearswift, rightly asserts that as the healthcare sector holds important patient data, it is alarming to see high numbers of security incidents occurring in the industry. “Understanding what is threatening the safety of the critical data you hold is the first step in mitigating the risk. Therefore, cyber security strategies across healthcare organisations need to rapidly evolve to account for new threats against the sector,” he said. “While many aspects of staying secure come from keeping employees trained to recognise threats, technology should play a key role in helping reduce the risks that come with innovation. It’s not a case of ‘if’, but ‘when’ an incident occurs so investment is required to ensure healthcare organisations are prepared for any type of threat.”