The European Union Agency for Cybersecurity (ENISA) has reported that it received a total of 742 reports about cyber security incidents in 2020 that significantly impacted critical sectors under the Directive on security of network and information systems (NIS Directive), with the data revealing the health sector was the hardest hit, with an increase of 47% of such incidents compared to the previous year.
The key findings of the ENISA report pointed to a lack of sector-specific knowledge or capacity in national computer security incident response teams (CSIRTs). Further analysis of lessons learned from past incidents and the implementation of the NIS Directive appear to be the main drivers of the creation of sector-specific incident response capabilities in the health sector.
The study further revealed a lack of security culture among operators of essential services (OES), with vulnerabilities arising from the high turnaround and obsolescence of healthcare equipment, which includes hardware and digital devices that usually have a lifetime of 15 years on average. The complexity of systems increases the number of connected devices, leading to an extension of the potential attack surface.
Emerging technologies such as the Internet of Things (IoT), artificial intelligence (AI), big data, cloud computing and the multiplicity of connected devices have contributed to the steady rise in cyber threats. It is the role of CSIRTs to develop the capabilities needed to address such issues and implement the provisions of the NIS Directive.
The ENISA report also assessed the services developed and currently used by CSIRTs across the member states, analysed the trends in relation to sector-specific CSIRTs and issued recommendations to strengthen the incident response capabilities (IRC) in the health sector.
In an environment where specialised support is needed to develop incident response activities, the sectoral health CSIRTs remain inadequate.
Based on the report findings, ENISA recommendations are as follows:
In light of the recent data published by ENISA, EU cyber security networks met at the 15th CSIRTs Network meeting and 5th CyCLONe Officers meeting to address cyber incident topics such as technical and operational crisis management.
While the CSIRT Network engages in information sharing and cooperation between member states at the technical level, the EU CyCLONe provides situational awareness among competent authorities acting at the operational level.
ENISA coordinates the secretariats for these networks, providing dedicated tools and expertise and the technical infrastructures needed for further development.
The agency acts as a facilitator between the cyber networks, which include decision-makers responsible for crisis management.
The ENISA report is a telling look into the critical infrastructure changes that urgently need to be made due to the damaging consequences that can potentially affect the entire health supply chain for all stakeholders.