Over the years, the healthcare sector has become one of the main targets of cyber attackers, due to the rapid development of digital applications and the sensitivity of the data it processes. According to the ANS (Agence du Numérique en Santé – French Digital Health Agency), more than 730 attacks were recorded against healthcare players in 2021, a trend that is set to intensify in 2022 and 2023, with increasingly devastating cyber-attacks receiving more and more media coverage. The stakes for healthcare organisations are high, not only for their own operations, but also for those of the nation and the health of its people. This is why they are designated as “operators of vital importance” (OIV). Once designated as an OIV, healthcare organisations are subject to the regulatory framework of military programming laws, with higher IT security criteria than those required of organisations designated as “Essential Service Operators” (OSE).
In the past, attacker groups declared in their “ethical charter” that they would never attack healthcare institutions, but this rule has really fallen by the wayside: “It is forbidden to put patients’ lives at risk, but it is perfectly allowed to steal data from a hospital,” explains Lockbit, one of the most active groups in the ransomware sector.
Given the increase in these cyber-attacks and their critical dimension, the Ministry of Health and Prevention has sent an information note to the directors of the ARS (Regional Health Agencies) on the obligation for healthcare establishments to carry out a crisis management exercise before the end of 2023.
Preparing healthcare organisations for cyber-attacks and strengthening their cyber resilience
In order to further strengthen the preparedness of healthcare organisations and enable them to meet the commitments announced by the government, the ANS and the ARS have decided to grant a lump-sum subsidy to organisations that carry out a cyber crisis management exercise. This will cover part of the cost of the support provided by the cyber crisis management expert.
The ANS has also developed cyber crisis management exercise kits to facilitate the organisation of exercises within healthcare organisations. Carrying out these exercises is one of the priority actions in the cyber reinforcement plan of the Ministry of Health and Prevention. Healthcare organisations will be able to carry out the exercises themselves or choose an external service provider to assist them. These ready-to-use kits are designed to enable healthcare organisations to practice cyber crisis management under realistic conditions so that they can learn the right reflexes, strengthen their cyber resilience and ensure business continuity as effectively as possible.
To adapt to the different levels of maturity of healthcare establishments, these kits are available in three levels:
- Beginner kit: to discover cyber crisis management
- Intermediate kit: for working on coordination between two units and refining the crisis management plan
- Advanced kit: to embed reflexes and build skills
In partnership with LEXFO (a security incident response service provider certified PRIS by ANSSI), Alcyconie has been selected along with three other service provider groups by the GCS e-santé Bretagne to offer its expertise to the region’s healthcare and medico-social establishments for cyber crisis management preparation and training services. Building on a long-standing partnership, our teams and those of LEXFO have now developed effective synergies and share a common approach to cyber crisis support.
Often associated with the imperatives of efficiency and urgency, the healthcare and medico-social sector is an easy target for cybercriminals. That’s why the entire sector is looking to streamline its operations and simplify the day-to-day lives of carers and patients. It is in this context that the digital transformation of these establishments has developed, and therefore the digitisation of their information flows.
Medical data is a lucrative commodity, and its value has been rising for several years. Hospitals store large quantities of sensitive data and need permanent access to their systems.
Alcyconie’s expertise is based on crisis management consulting and platforms dedicated to the anticipation and management of cyber crises. It will enable healthcare establishment teams to train and organise themselves to respond to complex, sensitive or crisis situations and to improve their anticipation and resilience capacities in the face of cyber attacks.
Crisis management at the heart of healthcare institutions’ cyber resilience strategy
Preparing for a cyber crisis
With an increasing number of cyber-attacks targeting healthcare organisations in particular, it is vital that they are resilient and prepared for a cyber-crisis. Alcyconie acts and supports healthcare organisations at every stage of the crisis: before, during and after.
To manage this type of event, which has a major impact on the running of a healthcare organisation, a series of procedures and plans must be put in place: a crisis management system, a business continuity plan (BCP) and a business resumption plan (BRP). These elements need to be adapted to as many realistic scenarios as possible. Alcyconie offers training and solutions tailored to the crises faced by healthcare organisations, depending on their environment and needs.
Training in cyber crisis management
Once procedures have been defined and written, the best way to ensure they don’t gather dust is to put them into practice during a cyber crisis management exercise. Plunging members of the crisis unit into a simulated cyber crisis is an opportunity to test and try out the existing procedures and confirm their suitability for the organisation. In a real crisis, the allocation of roles and responsibilities, the development of relevant and transparent crisis communication and the acquisition of certain reflexes could prove decisive. Alcyconie has positioned itself as a player in the health sector by offering to run the ANS kits for healthcare establishments and strengthen their cyber resilience.
For establishments that consider themselves sufficiently “mature”, having already taken part in a cyber crisis management exercise and wishing to reach the next level, we offer tailor-made exercises designed to diversify the business dimensions. Our PIA® platform gives you the opportunity to immerse yourself completely in a scenario that is as close to reality as possible, with a view to increasing your skills. PIA® is a truly secure playground, bringing together all the dimensions of a cyber crisis: media pressure, internal pressure, consideration of business, organisational and financial impacts, etc.
Cyber crisis management
Alcyconie has developed a bespoke support methodology, structured around a number of key areas, that is as close as possible to the challenges faced by healthcare stakeholders. Whether before, during or after a crisis, the Alcyconie team is also able to support and advise you during a security incident with its 24/7 on-call service. Our mission? To help you develop your operational response, define your crisis communication strategy and strengthen your crisis unit (PMO, management, language, etc.).