In the UK we have recently seen lots of headlines about cyber security and incidents at various NHS organisations, which have had varying impacts on day to day operations. Some of this information has been accurate, but a great deal of it has not – often because it takes time for the full facts of an incident to become known. This is causing added pressure to organisations, beyond the ongoing scrutiny they are already under.
Whilst these incidents are generally unhelpful, they have at least raised awareness and highlighted the importance of cyber security right up to board level, which is a positive thing.
Board members could be forgiven for thinking that a substantial investment is needed in order to provide better protection against today’s cyber threats, particularly as the effects of a successful attack are immediate. In actual fact, NHS organisations should initially make sure that they are following the best practice advised by their security vendors. (I recently gave five tips for securing NHS organisations.)
Once best practice is in place, you can begin to build in additional layers of security to provide defence in depth via next-generation functionality and further enhance protection. These include anti-exploit and anti-ransomware protection, such as Sophos Intercept X at the endpoint and sandboxing such as Sophos Sandstorm at the gateway.
The problem is that whilst there’s a lot that can be done technically, NHS organisations often lack sufficient staff to carry out this work. In an investment bank, there will be large-scale security teams looking after the tools that keep confidential data secure, whereas NHS resources are spread across a variety of different tasks. This means that systems need to be simple to implement and manage, and they need to be able to work systematically to automate the tasks as much as possible, not just pumping information into a SIEM (security information and event management).
In addition, NHS organisations must start to look at security across all areas of the network – rather than staff just focusing on their own silos – as today’s prevalent threats seek to access the network through multiple entry points.
Sophos Central enables organisations to monitor security across the whole organisation and allows those responsible to manage our award-winning synchronized security solutions. Advanced attacks are more co-ordinated than ever before and synchronized security means that your defences must be too. Sophos’s Security Heartbeat™ ensures your endpoint protection and firewall are talking to each other. It’s a simple yet effective idea that means you get better protection against advanced threats and spend less time responding to incidents. What’s more, the process is automated.
Following best practice and adding extra layers to increase your defences means that your board will sleep easier at night and you will have greater visibility into the health of your estate.
If you’d like to learn more about security best practice or if you would like to learn how Sophos’s synchronized security platform could help your NHS organisation please contact us at healthcare@sophos.com.