For most industries, protecting your supply chain against cyber attacks is beneficial to business operations, profits and consumers. In healthcare, however, securing the supply chain can also be a matter of life and death.
Risks to consider
One of the most concerning supply chain issues we currently face is how therapies can be transported across countries in the event of post-Brexit supply disruptions. This concern was highlighted by recent reports indicating that pharmaceutical giant Sanofi is increasing the stockpile of medicine to allow for 14 weeks’ worth of supply should there be cross-channel transport delays.
Of course, Brexit is an exceptional scenario, and not one that’s likely to be experienced again anytime soon. However, the principle of ensuring supply continuity is the same for disruptions of any kind, expected or unexpected, including cyber attacks. The WannaCry ransomware attack is a prime example, where the inability to access data saw 14,778 patient appointments and 850 operations cancelled across the NHS. However, the situation was quickly resolved and patients were soon able to access vital services again. Had the breach not been resolved so quickly, or affected more vulnerable parts of the NHS, the effects could have been worse.
Maintaining data availability
The fundamental goal of information security management is protecting information – specifically, its confidentiality, integrity and availability – on which everything else depends. Implementing an ISMS (information security management system) allows you to manage information risks, such as cyber attacks, hacks, data leaks or theft, across your organisation as part of ‘business as usual’.
ISO 27001 is the international standard that provides the specification for a best-practice ISMS. Implementing an ISO 27001-compliant ISMS and achieving certification to the Standard gives organisations confidence that they are following best practices. It could also provide a competitive advantage by allowing them to showcase their position to potential customers.