Published by Cybersecurity Practice
October 4, 2023
In the rush to achieve interoperability across the healthcare sector, organisations that act without laying the proper groundwork could inadvertently introduce new security weaknesses into their networks.
There is a proven appetite for interoperability within the sector, both as a strategic objective on the part of the NHS, and from clinicians dealing with these systems from day to day. Released last year, the BMA Digital Infrastructure survey reported that over three quarters of doctors surveyed found the lack of interoperability to be a “significant barrier” to digital transformation in the NHS. This figure rose to a staggering 98 per cent when including doctors who view it as a “moderate” or “minor” barrier. However, as the healthcare sector looks towards modernising its offerings through potentially transformative internet of things (IoT) devices, cloud-based services and the advent of bring-your-own-device (BYOD), there is a very real danger that Trusts could unwittingly provide bad actors with new avenues with which to attack their organisation.
The struggle so far to provide interoperability is hardly surprising. NHS Trusts often oversee sprawling estates made up of a daunting mixture of devices that have accumulated over many years. These estates frequently harbour devices and systems that were implemented out of immediate necessity rather than as part of any long-term plan for interoperability. At the same time, the 2017 WannaCry attacks left an understandable wariness about introducing new, untested devices and services into an organisation's estate, not to mention ever-present budget constraints. Simply connecting medical devices to a network that has not been prepared for the purpose can expose them directly to external cyber-attacks.
Older devices within an NHS Trust's estate frequently come with hardware dependencies and software driver issues that prevent upgrades to more modern, secure operating systems. New IoT devices, meanwhile, can sit invisibly on organisational networks, missing vital updates and escaping security audits. Even setting aside the technical difficulty of getting these systems to work together, attempting to do so on a flat, unsegmented network could both introduce critical new vulnerabilities into a Trust's estate and give any successful attack on one device wide-ranging access to organisational assets and systems.
Now, however, focus has begun to shift onto network segmentation as a foundational, concrete step that Trusts can take in preparing for future interoperability. By placing each device into a defined segment at the point it connects to the network, segmentation ensures that a device can only talk to the devices and services it is authorised to reach. On the face of it, this might sound counter to the frictionless interaction and exchange that interoperability represents. In practice, however, network segmentation is vital in giving organisations a secure, resilient network upon which they can build towards true interoperability.
Estate-wide network segmentation limits the impact of these vulnerabilities through two complementary approaches: macro and micro segmentation. Macro segmentation separates devices by sorting them into "classes" of device, be that end-user devices, IoT devices, servers, or something else. Micro segmentation then further divides each class into groups on a logical basis. For example, clinicians' laptops, IT laptops and BYOD phones all fall within the macro class of "end-user device", but can be further split on the micro level into separate groups. Each group is then granted only the specific access its role requires, with everything not explicitly permitted denied by default. Implemented properly, this should mean a seamless experience for users accessing the services and data they need, while maintaining secure, defined boundaries that limit the scope of any attack that does breach the network: a compromised infusion pump, for instance, should be able to reach its management gateway but not a clinician's laptop or the electronic patient record server.
Such network segmentation relies on a network access control (NAC) solution to identify the device and user as they attempt to connect, and then to place them within the appropriate network segment. Already widely deployed within NHS Trusts, solutions such as Cisco Identity Services Engine (ISE) can provide the access control required for effective network segmentation, while also authenticating the user and checking the security posture of their device as they connect, paving the way for even greater security through true Zero Trust strategies. This means organisations can ensure that devices that are vulnerable, compromised, unrecognised, or which do not conform to organisational policy are refused access to the organisation's network and assets, or confined to a restricted remediation segment until they comply.
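The following is an added illustration, not code from the original article and not Cisco ISE configuration or any Trust's real policy. It models the two ideas above in one place: a NAC decision that places a connecting device into its micro segment (or quarantines it when it is unrecognised or fails a posture check), and a default-deny allow-list of flows between segments, with a blast-radius calculation that shows how much of the estate a compromised device can reach on a segmented network versus a flat one. The device taxonomy, group names, ports, posture rules and inventory are all constructed assumptions chosen to mirror the article's example classes (end-user device, IoT, server).

```python
"""Toy model of macro/micro segmentation with NAC posture checks (illustration only)."""
from dataclasses import dataclass

QUARANTINE = "quarantine"
REMEDIATION = "remediation_server"

# Macro classes and the micro groups inside them (assumed taxonomy, not a real estate).
MACRO_CLASSES = {
    "end_user": {"clinician_laptop", "it_laptop", "byod_phone"},
    "iot": {"infusion_pump", "patient_monitor"},
    "server": {"ehr_server", "device_gateway", REMEDIATION},
}

# Allow-list of (source group, destination group, port). Anything not listed is denied,
# including traffic between groups that share a macro class. Ports are assumptions.
ALLOWED_FLOWS = {
    ("clinician_laptop", "ehr_server", 443),
    ("it_laptop", "ehr_server", 22),
    ("it_laptop", "device_gateway", 22),
    ("infusion_pump", "device_gateway", 8443),
    ("patient_monitor", "device_gateway", 8443),
    ("device_gateway", "ehr_server", 443),
}

# Ports worth probing when computing reachability (443 added for the remediation path).
PORTS_IN_USE = {port for _, _, port in ALLOWED_FLOWS} | {443}


@dataclass(frozen=True)
class Device:
    name: str
    group: str              # micro group identified by the NAC at connection time
    patched: bool = True    # posture attribute: OS/firmware patch level acceptable
    av_running: bool = True # posture attribute: endpoint protection active


def macro_class_of(group: str):
    """Return the macro class a micro group belongs to, or None if unknown."""
    for cls, groups in MACRO_CLASSES.items():
        if group in groups:
            return cls
    return None


def assign_segment(dev: Device) -> str:
    """NAC decision: put a connecting device in its micro segment or quarantine it."""
    if macro_class_of(dev.group) is None:
        return QUARANTINE   # unprofiled device: never lands on a production segment
    if not (dev.patched and dev.av_running):
        return QUARANTINE   # posture failure: does not conform to policy
    return dev.group


def is_flow_allowed(src: Device, dst: Device, port: int) -> bool:
    """Default-deny policy check between the segments the two devices land in."""
    s, d = assign_segment(src), assign_segment(dst)
    if d == QUARANTINE:
        return False                                # nothing may initiate to quarantine
    if s == QUARANTINE:
        return d == REMEDIATION and port == 443     # quarantine may only reach remediation
    return (s, d, port) in ALLOWED_FLOWS


def blast_radius(compromised: Device, inventory, segmented: bool = True) -> set:
    """Names of devices a compromised host can open a connection to."""
    others = [d for d in inventory if d.name != compromised.name]
    if not segmented:
        return {d.name for d in others}             # flat network: everything is reachable
    return {d.name for d in others
            if any(is_flow_allowed(compromised, d, p) for p in PORTS_IN_USE)}


# Constructed sample inventory for the demonstration.
INVENTORY = [
    Device("ward-laptop-01", "clinician_laptop"),
    Device("ward-laptop-02", "clinician_laptop", patched=False),
    Device("it-laptop-07", "it_laptop"),
    Device("byod-phone-19", "byod_phone"),
    Device("pump-ward3-04", "infusion_pump"),
    Device("monitor-icu-11", "patient_monitor"),
    Device("ehr-app-01", "ehr_server"),
    Device("iot-gw-01", "device_gateway"),
    Device("remed-01", REMEDIATION),
    Device("ward-tv-02", "smart_tv"),   # not in any profile: lands in quarantine
]


def device(name: str) -> Device:
    return next(d for d in INVENTORY if d.name == name)


if __name__ == "__main__":
    pump = device("pump-ward3-04")
    print("pump -> gateway:8443", is_flow_allowed(pump, device("iot-gw-01"), 8443))
    print("pump -> ward laptop:443", is_flow_allowed(pump, device("ward-laptop-01"), 443))
    print("segmented blast radius:", sorted(blast_radius(pump, INVENTORY)))
    print("flat blast radius:", len(blast_radius(pump, INVENTORY, segmented=False)))
    print("unpatched laptop segment:", assign_segment(device("ward-laptop-02")))
```

The model deliberately treats an unrecognised device the same as a non-compliant one: both land in quarantine, where the only permitted flow is to the remediation service. That is the behaviour that stops an unprofiled IoT device from quietly joining a production segment, and it is worth confirming in any real NAC deployment rather than assuming the default does it.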
These solutions are fast becoming a major focus of NHS Trusts, given that schemes such as the Data Security and Protection Toolkit, Cyber Essentials and the Cyber Assessment Framework assess network segmentation and access control capabilities. Beyond compliance, however, the security and network visibility provided by a solution such as Cisco ISE allows organisations to introduce new devices and solutions into their network with more confidence, devices that can provide transformative experiences for clinicians, staff and patients alike. Once an organisation has a robust and resilient network, it can turn its attention to interoperability without the fear that it may be inadvertently making it easier for ransomware or other cyber-attacks to gain a foothold.
At ITGL, we’ve worked with many NHS Trusts to help transform, modernise and secure their networks and infrastructure. We’re aware that many existing ISE deployments aren’t being used as effectively as they can be, with potentially critical functionality essentially being left on the table, whether through a lack of time, awareness or expertise. Get in touch at email@example.com to discuss how an ISE install can become the cornerstone of a Trust’s network segmentation and Zero Trust strategy, and the foundation for things to come.