Health sector: efforts still need to be made to democratize cyber
On the occasion of the Cyber and Trusted Cloud summer universities, a debate on cybersecurity in the field of health brought together Sylvain François, director of the information system at CHU Rouen, Guillaume Deraedt, deputy general delegate responsible for digital strategy CAIH, Mehdi Zine Head of medical-social projects ANS, Jean-Baptiste Lapeyrie, Delegate of Digital Health, Director of CTO Projects Ministry of Solidarity and Health, Jean-Pierre Barré, Vice President of Sales Southern Europe Wallix and Carla Gomes Director of the Docaposte Health Market.
Carla Gomes reminds us that at Docapost we believe that the sooner an attack is detected, the better we can limit its impacts. We also need to work on backups. Returning to baseline takes between 3 months and 300 days, depending on preparation.
In a hospital, everything is connected, from air conditioning to medical devices. For Jean-Pierre Barré, the attacker will look for the shortest path. Plus, it’s pretty easy to walk through the hallways of a hospital, find a free spot, and use it to enter the Si. Many healthcare facilities have OSE status, this simplifies access to VPNs. This year at Wallix, a third of the projects refer to industrial OT or health.
A budget for cybersecurity has been opened at the GHT Côte d’Opale. Cybernetics is a process that cannot be improvised. A budget of 300,000 thousand euros was thus released. In a hospital there are three systems to secure: the building, OT and IS.
Funds have been released for issues such as fighting ransomware and combating board escalations. The detection also focused on financing even all television and backups to industrialize the processes and be able to implement them on a large scale.
In addition, awareness-raising and training actions are being and will continue to be carried out by the health communication agency. You need to practice to be prepared to respond after an attack. We are working with the ARS. Finally, we work with patients to raise their awareness as well.
In hospitals, a CISO sees the investments mentioned above trickle down to IT services. Soc or EDR solutions are beginning to be implemented. Working with the main manufacturers in the health market must understand safety issues, which is why the influence of the State is important to make them comply with these demands. HDS certification also helps.
Carla Gomes recommends taking a holistic approach. The new report on cybersecurity in healthcare systems makes 10 recommendations, including attack detection. These recommendations are easy to implement. In the report we highlight the importance of cyber exercises, of placing emphasis on safeguarding but also on strengthening international cooperation…
Since the last attacks there have been rapprochements with Anssi. The coordination of the actors exists especially in view of the Olympic Games. There is global cooperation that should allow an evolution in the level of security of health facilities globally. This cooperation has existed for some time, especially regarding crisis exercises.
Jean-Pierre Barré explains that if we want to remain sovereign, the legislator must stop being naive. It is necessary that he support the French industrialists. If we don’t help the industry we won’t get there. He also believes that there are better things, but we have to go further. As an industrialist, we must simplify cybersecurity.
For Jean-Baptiste Lapeyrie, Delegate of Digital Health, Director of the CTO Project Ministry of Solidarity and Health, the new version of the HDS certification moves towards greater control of sovereignty.
Sylvain François, director of the Information System at the University of Rouen, explains that he chooses a security tool because it meets his needs with a good technical level. He reports that during the cyber attack on his establishment the only industrialist who responded was a French Atempo who intervened without reference to a contract.
In conclusion, Mehdi Zine, director of the ANS medical-social project, recalls that it is important to preserve the avenues of attack on AD. There is a sense of urgency to improve directory security.