
Initially, Palantir being granted access to an address book with as many as 1.5 million NHS employees might appear to be just another instance of large-scale digital innovation in the healthcare sector, or merely a required action for a vendor operating within such a complicated setting.
Nevertheless, beneath this headline, there are numerous factors to take into account: in today's world, the healthcare system encompasses not only the organization itself but also a broad external network around it.
A key issue that must be considered here is whether organizations are fully aware of who has access to their most critical systems and information at any given moment?
Healthcare has consistently been a field filled with data, where the stakes are high, but its digital transformation has significantly increased the number of participants involved in providing care. Cloud providers, analytics platforms, software providers, vendors, and consultants all need different levels of access to essential systems.
Third-party blind spots
The issue isn't just that third parties are present, but that understanding their access is frequently scattered or lacking. In numerous instances, companies depend on outdated records, contractual promises, or occasional assessments to ensure security. However, access is always changing - new users are added, permissions are modified, and integrations are updated - usually without a unified, up-to-date perspective.
This approach creates a dangerous gap. The organizations remain accountable for ensuring patient information stays protected and that services function effectively, yet they lack a current picture of who can reach those systems.
However, with regard to the NHS, this is not simple. It is not a single entity with one integrated IT system, but a collection of hundreds of semi-autonomous Trusts, GP surgeries, mental health services, and other healthcare providers, many of whom have traditionally acquired their own technology.
This has resulted in a complicated environment of outdated systems that often fail to work well together, increasing the difficulty of maintaining visibility and control over access, especially when working with external partners.
This is why so many prominent security incidents take place not inside companies' core areas but at the periphery of their networks, through integrations or collaborations. The issue is even more challenging because, unlike many other industries, healthcare depends heavily on the availability of its information systems.
As a result, managing access in this industry is not only about safeguarding information but also about maintaining operational continuity.
Cyber risk meets geopolitics
At the same time, the threat environment is also experiencing transformations that further increase the dangers linked to these weaknesses.
Recent cyberattacks targeting healthcare facilities, linked to Iran, show that current cyber operations are a direct outcome of international conflicts. This has led to a type of secondary front, where disruption can occur without physically crossing borders. In many respects, this represents contemporary warfare, a form that organizations remain inadequately equipped to handle.
Wiper attacks vary from conventional attacks in that their objective is not to steal confidential data but to completely destroy the systems. For healthcare institutions, such attacks can result in severe malfunctions with potentially deadly outcomes for patients.
Even more alarming is how easy these attacks have become. Advances in AI tools are significantly reducing the cost and effort needed to perform them, which means techniques such as phishing, DDoS attacks, and reconnaissance can now be carried out much faster and at a larger scale.
This moves cyber risk clearly into the realm of strategic risk. It is no longer confined to the IT department. It affects operational resilience, financial security, and public confidence. Leaders must now recognize that cyber threats will rise alongside global instability, rather than separately from it.
Compliance isn’t enough
Despite these advancements, numerous organizations continue to use security and compliance methods that were created for a significantly different time period.
Regular audits, yearly reviews, and a fixed system for maintaining compliance provide a single-point view. These approaches confirm that controls were present at the time of evaluation but fail to ensure what occurs in the subsequent days or months.
In fast-paced settings such as healthcare, this presents a significant drawback. Systems are constantly changing every day. Access rights are modified and new connections are established. A control that worked well during an audit may stop functioning without any immediate notice.
Recent studies from Quod Orbis consistently indicate that organizations frequently overestimate their level of visibility. For instance, although most businesses express confidence in their security posture, 93% claim they have a clear understanding of their IT assets, yet 95% acknowledge they have found it difficult to locate a particular software asset in the past year. This gap between perception and reality is where risk begins to accumulate.
The case for continuous monitoring
If the characteristics of risk have evolved, then the risk management framework must also change. Although regulations such as DORA are starting to tackle this transformation within the financial services industry, the truth is that these principles are now relevant across many different sectors.
Instead of seeking out more reports and techniques, companies should adopt a completely different strategy for assurance, one that acknowledges the ever-changing and real-time aspects of today's IT environments.
Through continuous monitoring, organizations can understand in real time precisely how secure their IT systems are and answer the important questions: who has access, what has changed, and what vulnerabilities remain? Third-party access is one area where ongoing monitoring lets organizations adopt a "trust, but verify" approach instead of blind trust when granting that access.
At the same time, ongoing supervision and monitoring offer a chance to handle problems before they arise. In today's increasingly disruptive environment, the capability to tackle and stop issues can make the difference between managing a problem and facing an operational disaster.
It enables companies to maintain oversight without hindering innovation and collaboration.
The NHS experience is not unique in this regard. In fact, it represents a wider trend seen in numerous organizations. Like the NHS, many companies are operating with outdated systems and are dealing with fragmented processes, IT infrastructure, and restricted visibility within their environments. As digital ecosystems grow, the dangers associated with third-party access are now undeniable.
It also brings up a significant point: are organizations fully aware of their third-party connections and able to reliably evaluate the extent of risk and security measures in place?
You can't protect what you can't detect, and more and more, the danger lies precisely where you can't see it.
This piece was created as part of Pro Perspectives, our channel showcasing the top innovators and leaders in the technology sector today.
The opinions shared here belong to the author and may not reflect the views of Pro or Future plc. If you would like to contribute, click here for more information: https://www./pro/perspectives-how-to-submit