NHS employee was found accessing medical records of over 2,000 patients. The employee had legitimate access to the trust’s electronic health record system, but was accessing them over a period of 18 months with no legitimate reason for doing so.
NHS employee was found accessing medical records of over 2,000 patients. The employee had legitimate access to the trust’s electronic health record system, but was accessing them over a period of 18 months with no legitimate reason for doing so.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
For security analysts, spotting security incidents arising from within their company, which is arguably their own customer base, is particularly tricky because, like in this instance, the attacker may have legitimate access. If the credentials being inputted are valid, the same alarms are not raised as when an unauthorised user attempts entry from the outside. Deploying data-aware cyber security solutions removes the risks around the insider threat because even if an adversary has legitimate access to data, they are prevented from copying, moving or deleting it. What’s important when it comes to insiders, in whatever guise, is to be able to detect malicious or suspicious activity and produce real-time, priority alerts that analysts know must be addressed immediately.
Organisations need to be able to detect unusual activity from valid machines and users, which is why behavioural analytics has grown so quickly over the last couple of years. While standard security technology focuses on “can you access this data?” behavioural analytics focuses on “should you be accessing this data?” – this is much more useful for detecting threats in the NHS, which can compromise entire corporate machines. Behavioural analytics is also the only way to get real insight into the insider threat. It can tell an organisation when someone is doing something that is unusual and risky, on an individual basis and compared to peers.