What should you do if your healthcare facility falls victim to a cyber-attack?

Cyber threats across the health sector are increasing rapidly, particularly targeted ransomware attacks, which are highly damaging and disruptive.

Digital Health and Care Wales (DHCW) support and work with NHS Wales organisations to continually improve cyber security controls and resilience against cyber threats.  DHCW has implemented Multi Factor Authentication (MFA) for all remote connections into NHS Wales, including those working remotely, along with a new Security Information and Event Monitoring (SIEM) which has significantly improved the posture of NHS Wales to detect, respond to, and alleviate security threats.

Healthcare Incident Response Event

And now, DHCW has teamed up with Cyber Resilience Centre for Wales (WCRC) to run the centre’s successful Incident Response Event which is designed to help Welsh organisations become better equipped in the face of a cyber- attack.

The session will offer health care the opportunity to be taken through a realistic scenario frequently experienced by businesses with the aim to help them prepare themselves for a successful attack, with easy-to-understand explanations and terminology. The exercise will be created and run by Bridewell, a company who specialise in end-to-end cyber security and who are also a National Cyber Security Centre assured provider of cyber incident exercising.

The exercise will be followed with a panel discussion which will break down the stages of the attack using easy to understand terminology and identify key decisions and also the support available in these circumstances. The panel includes representatives from Capital Law, the Information Commissioners Office (ICO), Thomas Carroll Insurance Brokers, the Cyber Resilience Centre for Wales, KPMG and Bridewell Incident Response team, covering a variety of sectors such as legal, law enforcement and insurance to explore the different aspects of an attack and what the consequences can mean for a business.

Mark Edwards, Chief Information Security Officer, Digital Health and Care Wales said: “It’s more important than ever that cyber security is taken seriously in healthcare. It’s crucial to protect patient data, maintain patient safety and keep our services running. That’s why in Wales we’re teaming up with the Cyber Resilience Centre for Wales (WCRC) and holding this event. Attendees will learn about the seriousness of the threats on NHS Wales systems and how cyber-attacks have the potential to cause major disruption.”

WCRC Director, Detective Superintendent Paul Peters, adds: “We’re thrilled to be working with DHCW and to assist in providing guidance and support in putting in place better cyber security practices.

Providing organisations with knowledge and skills necessary to be prepared if they ever did fall victim is the most effective way to lessen the impact. These cyber security exercises are very useful simulations of specific cyber-attack scenarios and have been designed to enable organisations to gain valuable insights into an actual response to a real-life breach attack.”

The event is taking place on Wednesday 14 May running from 9am until 2pm in Cardiff.  The full rundown of the event is outlined and below and to book your place, simply click on the link.

·       Agenda

·       9:00 – 9:30: Networking  

·       9:30:  Opening address by Mark Edwards, NHS Wales Chief Information Security Officer 

·       9:40: Cyber Incident Response exercise  

·       11:30:   Panel chaired by Jon Davies, Director at KPMG, consisting of: 

·       CISO - Mark Edwards, CISO, Digital Health & Care Wales 

·       James John, Incident Response Manager, Bridewell 

·       Paul Peters, Detective Superintendent, The Cyber Resilience Centre for Wales 

·       Carrie Gwyther Senior Associate, Capital Law 

·       Bethan Davies Phillips, Lead Policy Officer, Information Commissioner’s Office 

·       12:30 – 13:30: Lunch and Networking  

·       14:00: Event Ends 

https://www.wcrcentre.co.uk/events