How #CyberSafe are you?

Hand on keyboard

The 19th September is #CyberSafe day within the 30 days, 30 ways campaign, so I thought it would be a good opportunity to talk a little bit about how #CyberSafe are you?

Here at EEAST, we take cyber security really seriously and with the general increase in cyber security breaches there is good reason for this. According to the Department for Digital, Culture, Media and Sport Cyber Security Breaches Survey 2018, over four in ten businesses (43%) experienced a cyber security attack during the 12 months of 2018. These breaches included hacks and ransomware attacks, data breaches and financial information losses to name a few.

Something a little closer to home, which you may remember, was the Wannacry attack in 2017. More than 300,000 computers were infected globally with ransomware which, once activated, causes all files within a computer to be locked and encrypted in a way which prevents people from accessing them anymore. In Britain, the NHS was the worst hit with hospitals and GP surgeries in England and Scotland among the worst affected. This attack cost the NHS £92 million and over 19,000 patient appointments had to be cancelled. 

Due to the effectiveness of our IT team in keeping our networks and servers secure EEAST was not directly affected but a number of other Trusts in our area were which had a knock on effect to our service.

So, what is the purpose of Cyber Security and what can we all do to help prevent it?

The purpose of cybersecurity is to help prevent cyberattacks, data breaches and identity theft and can aid in risk management. When an organization has a strong sense of network security and an effective incident response plan, it is better able to prevent and mitigate cyber-attacks.

  • Ransomware is a type of malware that involves an attacker locking the victim's computer system files -- typically through encryption -- and demanding a payment to decrypt and unlock them.
  • Malware is any file or program used to harm a computer user, such as worms, computer viruses, Trojan horses and spyware.
  • Social engineering is an attack that relies on human interaction to trick users into breaking security procedures in order to gain sensitive information that is typically protected.
  • Phishing is a form of fraud where fraudulent emails are sent that resemble emails from reputable sources; however, the intention of these emails is to steal sensitive data, such as credit card or login information.

Benefits of utilising cybersecurity includes 

  • Business protection against malware, ransomware, phishing and social engineering.
  • Protection for data and networks.
  • Prevention of unauthorized users.
  • Improves recovery time after a breach.
  • Protection for end-users.
  • Improved confidence in the product for both developers and customers.

A lot of protection against these sorts of attacks is done, within EEAST, by our own IT team however; staff all need to help keep us secure by being vigilant.

So, what if something does go wrong?

The IM&T department are continually working on improving their IT Disaster Recovery Plans but there is only so much they can do. They are the experts in rectifying problems in the event of a wide ranging IT issue but you, as members of the EEAST team, need to know what to do in your own areas of the Trust.

Your own area Business Continuity Plans should state what you should do in the event of an IT System or Data System failure or disruption whilst the IT team is dealing with the problem. Check out your own area plans and see if the information in them gives you a clear understanding of your responsibilities during an IM&T issue.

Attached to this article is a short list of “Dos and Don’ts” for using IT systems and I would really encourage you to remind yourself of these. The list is not exhaustive, so I would also suggest you read and understand the policies listed on East24.

If in doubt, report anything you perceive to be a security breach or anything suspicious to the IT department through the IT Service Desk.

0345 6012509 Ext: 4811
itservicedesk@eastamb.nhs.uk

 

Published 19th September 2019

Downloads


0 Comments
Leave a Comment
Name (required)
Email Address (required, never displayed)
Enter a message

(all comments are moderated - your submission will be posted on approval.)