Cybercrime is on the march and brings with it the risk of worryingly levels of disruption to vital services – healthcare chief among them. In May 2017, WannaCry ransomware affected a third of NHS acute trusts and gave an insight into the impact such attacks can have. Ambulances were diverted, operations cancelled, and national headlines generated.
Little wonder that governments are reacting with new cybersecurity legislation and programmes. In May 2018, the European Union’s Network and Information Security Directive was transposed in the national laws of member countries. It brought with it new requirements for operators of essential services and providers of digital services – requiring them to manage the risks posed to the security of networks and information systems.
With many NHS organisations operating legacy systems and infrastructure, state of the art protection against cybersecurity might feel difficult to realise. This Palo Alto Networks white paper looks at the regulatory environment