Articles and Case Studies

07 Feb 2018

Cyber Risks

Just a normal Tuesday at work… or so you thought... 
What you find as you walk through the door is a waiting room full of patients, reception staff looking for ways to restart their computers and doctors standing in the corridor looking stressed. 
 
Why? Because the following message appeared on the screen of every computer in the practice overnight: 
 
“Oops, your important files are encrypted… nobody can recover your files without our decryption service… we guarantee we can recover your files… send $300 worth of Bitcoin to the following address…” 
 
And everyone is now looking at you. You’re the Practice Manager. Even if it’s not your fault, in everyone’s mind it’s your job to fix the problem – and do it fast. 

Cyber attacks 
 
Unfortunately, the tabloid ready phrase “cyber-attack” is a regular feature in the news, and legitimately so. Our reliance on the internet, cloud based applications and virtual communication to do business has created a happy hunting ground for hackers seeking to make mischief, make money or make some pseudo-political point. And this means the likelihood of your practice being subject to an attack is increasing. 
 
What falls under the heading of cyberattack is broad and includes malware (which in turn includes ransomware), phishing, and denial of service. Just Google it – the types and complexity of attacks is expanding with the current focus seemingly on data compromise rather than data theft.

What you can do 
 
There are steps that can be taken to mitigate the risks of an attack. Getting the basics right can mean the difference. 
  1. Educate your staff – protection against attacks is everyone’s responsibility (and the message is relatively simple) if the link looks suspect, don’t click on it. 
  2. Back up, back up, back up – do it frequently. 
  3. Don’t ignore updates – software patches are crucial.
  4. Have a plan – develop incident response and business continuity plans. 

Perhaps most important of all is awareness of the realisation that an attack is not a remote possibility. It is a likelihood. Action now can help both prevent an attack and the consequences should your systems fall prey.

Who can help? 

There is a growing range of service providers who can help with both the setup of your incident response plans, and to act when the attack happens. What’s also available in the market is a specific cyber risk insurance product which provides a range of cover and, usually, includes support for incident response, forensic analysis and public relations management.

 

Anaesthesia, Dermatology, Emergency Medicine, General Practice, Intensive Care Medicine, Obstetrics and Gynaecology, Ophthalmology, Pathology, Practice Manager Or Owner, Psychiatry, Radiology, Sports Medicine, Surgery
 

Library

Doctors, Let's Talk: Setting Boundaries At Work

A conversation with Nicola Campbell, Psychiatry Registrar, that explores the necessity of setting professional boundaries as a Junior Doctor.

Podcasts

07 Dec 2022

Doctors, Let's Talk: Your Support Network Is Your Net-Worth

A conversation with Nidhi Krishnan, Paediatric Registrar, that explores the value of building a strong network as a Junior Doctor.

Podcasts

07 Dec 2022

Doctors, Let's Talk: Are Retreats Worth The Money?

A conversation with Dr Emily Amos, General Practitioner, International Board Certified Lactation Consultant, and registered mindfulness teacher, that explores the utility of mindful retreats and self-care among Junior Doctors.

Podcasts

07 Dec 2022

Doctors, Let's Talk: Is Quitting Medicine Ever The Answer?

A conversation with Dr Ashe Coxon, General Practitioner, career counsellor, and founder of Medical Career Planning, that explores the issue of dealing with career uncertainty as a Junior Doctor.

Podcasts

07 Dec 2022