M. Azraoui, M. Önen, R. Molva, “Framework for Searchable Encryption with SQL Databases”, Conference CLOSER 2018, 19-21 March 2018, Medeira, Portugal. [Conference website http://closer.scitevents.org/]
Thinking cyber attacks will not happen is an outdated mentality in a digital world, however low the risk may be at the current time. Understanding personal responsibility and information governance and security in a digital world is very different from the paper-based world that health and care organisations, among others are moving away from. Being “one step ahead” of the cyber attacks means having secure systems and being trained to handle cyber attacks.
To ensure the sector properly handles cyber attacks, the UK national cyber security programme has established a Care Computer Emergency Response Team (CareCERT) through the Health and Social Care Information Centre (HSCIC).
A key goal of HSCIC is ensure front-line staff tackle potential breaches, and make its CareCERT programme the “trusted brand” for cyber security in the National Health Service and social care. The programme aims to enhance cyber resilience across health and social care by providing incident broadcasts, training and resources to health and care providers.
CareCERT programme head says, “one of our main functions is to consume threat intelligence information and guidance from a range of sources, triage the information, work out if there is a threat and the likelihood of impact on the organisation facing the threat”. Depending on the likelihood of impact, CareCERT will issue a broadcast, the type of which varies according to the level of risk.
So what impact is CareCERT already having? Early statistics from two case studies have shown that the programme already makes a difference. The two case studies looked at the infection rate before CareCERT broadcast and in subsequent months, and the results have shown that the number of unique infections fell dramatically.