Funding boost to help healthcare businesses improve cyber security

HealthTech suppliers and service providers get free government-funded cyber certification and training in effort to curb online crime

Cyber crime has increased since the onset of the coronavirus pandemic. Image by Gerd Altmann from Pixabay

Hundreds of UK HealthTech firms and medical service providers are set to benefit from government funding to boost their cyber security in an effort to protect the NHS from online crime.

As part of London Tech Week whis week, Digital Infrastructure Minister, Matt Warman, announced that small and medium-sized businesses, such as medical suppliers and primary care providers, are being invited to apply for a portion of a £500,000 moneypot.

Companies handling medical records are heavily targeted by cyber criminals. Therefore, they need to take every precaution necessary to protect patient data

The move comes after the National Cyber Security Centre (NCSC) identified a heightened cyber threat to the UK health sector in relation to the COVID-19 pandemic, with cyber crime groups attempting to steal sensitive intelligence, intellectual property, and personal information from pharmaceutical companies and medical research organisations.

Through the funding, participants can receive guidance and support to get accreditation from the Government’s Cyber Essentials certification.

This includes training to make sure all phones, tablets, laptops or computers are kept up to date, proper firewall usage to secure devices’ internet connections, and user access controls to manage employee access to services.

Firms will be able opt to receive support from one of the programme’s cyber experts, who will look at the organisation as a whole, identify its cyber security risks, and help develop and implement a business continuity plan.

Warman said: “We know there is a heightened cyber threat for healthcare businesses at the moment so we are releasing new funding to help those playing a vital role in the pandemic response to remain resilient.

“I also urge all organisations to sign up to the Government’s Cyber Essentials programme which contains a number of simple steps firms can take to get the fundamentals of good cyber security in place.”

Paul Chichester, the NCSC’s director of operations, added: “Protecting healthcare has been our top priority during the COVID-19 pandemic and we have been working hard to ensure organisations can keep themselves secure.

with this new funding, and by procuring cloud apps with a strong security track record and third-party tools to secure data in the cloud; healthcare organisations will be able to improve their ability to protect medical records and allow them to focus on their core competency – delivering care services

“While we will continue to support them, signing up to initiatives such as Cyber Essentials is an excellent way for organisations to help themselves.

“And those who have not already taken up this offer should do so – it will help ensure they have fundamental security protections in place, even in the most-challenging of times.”

Despite good progress in recent years, almost half of all businesses (46%) have suffered a cyber breach or attack in the last 12 months, with one in three (32%) experiencing them at least once a week, according to the Cyber Security Breaches Survey 2020.

Responding to this week’s announcement, Anurag Kahol, chief technology officer at cloud security specialist, Bitglass, told BBH: “Healthcare organisations are major targets and will see any and all lapses in security exploited by malicious individuals, both internal and external.

“Companies handling medical records are heavily targeted by cyber criminals. Therefore, they need to take every precaution necessary to protect patient data.”

According to Bitglass’s Healthcare Breach Report, the number of records breached in 2019 (27.5 million) was more than double that of 2018 (11.5 million) – which itself was over double that of 2017 (4.7 million).

Protecting healthcare has been our top priority during the COVID-19 pandemic and we have been working hard to ensure organisations can keep themselves secure

And the average number of individuals affected per breach reached 71,311 in 2019, nearly twice that of 2018 (39,739), indicating that breaches are becoming more common, and much more serious, over time.

“The rapid digitisation of patient records means it’s been very difficult to implement consistent data security policies and training schemes to educate staff on keeping data safe,” said Kahol.

.

“As healthcare organisations make patient data more accessible to individuals and new systems, they must make information security their top priority.

“Strategic investments in cyber security will make a significant impact on protecting healthcare businesses against cyber security risks, which will potentially save billions in the longrun.

“And, with this new funding, and by procuring cloud apps with a strong security track record and third-party tools to secure data in the cloud; healthcare organisations will be able to improve their ability to protect medical records and allow them to focus on their core competency – delivering care services."

Companies