Toughening up healthcare with a robust cyber security strategy
The public sector is facing an unprecedented level of cyber threats, none more so than our healthcare organisations. Since the 2017 WannaCry attack, public health organisations have experienced increasing numbers of cyber attacks, and they’re continuing to rise.
In 2022, NHS 111 and its software provider, Advanced, also suffered a ransomware attack that affected the care of over 40 million patients. With large-scale attacks becoming more frequent and more advanced, the healthcare sector is under pressure to implement greater security measures.
A robust security plan is essential for protecting sensitive information, patient records, and critical infrastructure. But creating a cyber security strategy isn’t as simple as putting pen to paper. You need the right level of expertise, trusted experts and a defined budget to support you on the journey to improved cyber security.
What is a cyber security strategy?
A cyber security strategy is a detailed plan, defining how an organisation intends to safeguard its digital assets, systems, and networks against cyber threats and vulnerabilities. It’s a guiding framework that highlights the overall direction, extent, and approach for cyber security efforts.
However, a cyber security strategy is not a ‘one and done’ document. It should be a constantly changing plan that shifts just as quickly and effectively as the cyber threat landscape does, comprising elements including a strategic security assessment, threat mapping, and a cyber security roadmap. It should be consistently reviewed and updated to keep pace with the advancing capabilities of cyber attackers.
What is a Target Operating Model?
A Target Operating Model (TOM) is a cyber security blueprint outlining how a business will operate its cyber security functions to achieve its strategic objectives. It provides a detailed view of the processes, people, technology, and information requirements needed to mitigate cyber risks effectively.
A TOM and cyber security strategy are inherently interconnected. While the cyber security strategy defines the overarching goals of the organisation’s security efforts, the TOM details how these goals will be met. A TOM translates the strategic vision into actionable plans.
NCSC Cyber Assessment Framework
When considering implementing a cyber security strategy, it’s important to look at the bigger picture. While organisational needs are top of the list, it’s also worth considering alignment with relevant frameworks, like the NCSC Cyber Assessment Framework (CAF). This framework has been designed to provide guidance for organisations responsible for vitally important services and activities, such as healthcare organisations.
The NCSC CAF ‘collection’ consists of 14 cyber security and resilience principles, together with guidance on using and applying the principles, and the Cyber Assessment Framework (CAF) itself. It’s a key consideration for healthcare organisations and Integrated Care Boards (ICBs) when establishing whether they should align with such a framework.
Utilising CAF to underpin a cyber security strategy aligns the Integrated Care System (ICS) with the Government Cyber Security Strategy 2022 to 2030. The CAF is also cited within the policy paper ‘A cyber resilient health and adult social care system in England: cyber security strategy to 2030’ as a key tenet of cyber resilience.
How can Nasstar help you?
At Nasstar, we understand the critical cyber security challenges currently facing our public health and social care sector. Our teams have extensive experience in creating cyber security strategies that manage cyber risks, defend as one, and ensure exemplary response and recovery. The result is a robust strategy that mitigates current threats while offering flexibility to adapt to future challenges.
Additionally, NHS England has set aside £15m for cyber resilience, offering significant funds to the health and social care sector, including primary care providers and ICBs. Utilising this funding is a great way to strengthen your security posture and remain compliant with government standards. The catch is that funds must be claimed by September 2024.
Alongside our expertise in cyber security, we can help you access and use this funding to fortify your defences against evolving threats.
Cyber Security Discovery Assessment
We’ve put together a Cyber Security Discovery Assessment for healthcare organisations seeking to use the government funding to align their cyber security strategy with the NCSC CAF. The workshop is designed to help you establish and develop a bespoke cyber security strategy that works for your organisation.
Our workshop is split into five parts, enabling us to gather all the information we need to create a strategy that aligns with both your business goals and the NCSC CAF.
Discovery
Naturally, the first stage of our Cyber Security Discovery Workshop is discovery. Here, we will seek to understand the people, processes, and technology already in your organisation, while identifying any issues and existing capabilities. Our teams will do this through custom questionnaires, documentation reviews, workshops, and follow-up interviews with key stakeholders.
Baselining
As part of ensuring your organisation is cyber resilient, we recommend aligning with the NCSC CAF and the overarching national strategy. To prepare your business for this, we will assess the Indicators of Good Practice within the CAF to establish an initial baseline.
To provide assurance of your current technical posture, we recommend performing a high-level risk assessment of the ICS, drawing on existing risk registers where available. Additionally, we may perform a technical assessment, in the form of either a vulnerability assessment or a penetration test. The scope should be ICS-wide, to mirror the breadth of the strategy and TOM.
Collateral development
We will work closely with you to develop a cyber security strategy that aligns with the ‘National Cyber Security Strategy for Health and Social Care 2023 to 2030’. The strategy and related collateral will emphasise the five pillars of the overarching strategy:
- Focus on the greatest risks and harms
- Defend as one
- People and culture
- Build secure for the future
- Exemplary response and recovery
In this stage, we will also work with key stakeholders to develop a TOM that is aligned with the NCSC CAF. Your TOM will also align with the existing organisational structure and risk management framework within the ICS.
Implementation plan and support
Our teams will create a detailed plan for implementing and maintaining the cyber security strategy and TOM developed during this workshop. This will include staff training and process improvement. It’s important that you, or someone you appoint in the organisation, lead this. There should also be an accountable owner aligned within the ICS.
We will provide additional support during implementation, leveraging our extensive experience in deploying similar programmes and running cyber security functions at CISO level.
Re-baselining
After your new strategy and TOM have been implemented, the baselining activity will be repeated to measure the success of the programme. This will help to demonstrate its efficacy and movement towards full alignment with the NCSC CAF. In addition, we recommend repeating the technical and risk assessments to validate the remediation work undertaken by the ICS since the initial assessment.
After this, we will create a final report that demonstrates the delta between the original state and the post-engagement baseline. It will also contain prioritised recommendations for ongoing improvements.
Navigate cyber security complexities with ease
The combination of government funding for cyber resilience and our robust Cyber Security Discovery Assessment offers an excellent opportunity to strengthen your security position. Don’t miss the chance to protect patient data more efficiently and keep your critical systems secure!