• Cyber-security
  • Cisco’s umbrella can help deal with cyber-attacks

    Simple, open, automated and effective: these are the four cornerstones of Cisco Umbrella set out in its solution brief. Cisco sees its value in dealing with the complexity, range and reach of eHealth services. It’s continuously expanding, along with its cyber-security requirements and gaps. Available from Health IT Security, the brief sets out its functions as: 

    Covering gaps without any hardware to install or software to manually updateProtecting any device and every port without configuration changes or latencyExtending existing protection and incident response data through integrationsProtecting all devices, locations, and users on and off networksPredicting threats before they happen by learning where attacks are stagedBlocking malicious domains and IPs before connections are establishedStopping threats before they reach networks and endpointsIdentifying infected devices faster and preventing data exfiltration.

    Cisco recognises that cyber-security isn’t an absolute, 100% state. Its goals are to maximise prevention and achieve early, effective responses to cyber-attacks.  This is realistic, and offers an option for Africa’s eHealth.

  • Some employees can be a cyber-security threat

    Uncomfortable as it may be, Imperva says employees are the greatest cyber-security risk. They may be careless, become compromised or have malicious intent, and their trusted access to data can expose organisations. 

    An Imperva blog proposes the action needed to minimise the risk.7 Steps to Protect Your Data From Insider Threats are: 

    Discover and classify sensitive dataMonitor all user access to dataDefine and enforce organisational policiesLeverage advances in artificial intelligence detectUse interactive analytics tools to investigate security incidentsQuarantine risky usersGenerate reports to document security events.

    These aren’t proposed as absolute solutions. Imperva offers them as a guide to help detect and contain insider threats. Perhaps the most modern feature’s using machine learning to uncover unknown threats. It can sift through massive amounts of detailed data access logs so security teams can establish behavioural baselines of users’ access to data and rapidly identify changes, inappropriate or abusive data access. Drilling down’s more manageable. 

    The seven steps provide a framework for Africa’s eHealth cyber-security. Applying them needs resources, especially skilled people to manage and operate the process.

  • India’s patient and personal information data's been hacked

    Wide-ranging, Interoperable (IOp) eHealth depends on effective, secure Unique Patient Identifiers (UPI). India’s extending Aadhaar, its national identity number, as the UPI for healthcare. The Tribune has a report saying it’s been hacked. Rs 500, 10 minutes, and you have access to billion Aadhaar details refers to the Unique Identification Authority of India (UIDAI), responsible for Aadhaar, claim in November that Aadhaar data for over a billion people’s fully safe and secure and there has been no data leak or breach.

    A Tribune employee paid Rs500, about US$8, for a service offered by anonymous sellers to provide unrestricted access to details for Aadhaar numbers. Contact was made over WhatsApp, and took ten minutes to complete. Data provided included a login ID and password for access to any Aadhaar number in the portal and access the data that individuals have submitted, including name, address, postal code, photo, phone number and email address. Another Rs300, almost US$5, bought software that can facilitate Aadhaar card printing by entering an Aadhaar number of any individual.

    The Tribune says IDAI officials in Chandigarh were shocked at the revelations. It’s classified as a major national security breach. It seems the breach was some six months ago. Anonymous groups were created on WhatsApp. They targeted over three unemployed Village-Level Enterprise (VLE) operators hired by the Ministry of Electronics and Information Technology (ME&IT) under the Common Service Centres Scheme (CSCS). 

    CSCS operators produced Aadhaar cards. They lost their jobs when the service was restricted to post offices and designated banks to avoid security breaches. Initial illegal Aadhaar access was used to print and sell Aadhaar cards to low income villagers. Cyber-criminals have expanded the service.

    There are several lessons for Africa’s planned UPIs. Cyber-security should never be seen as safe. It required constant vigilance. Changes in personnel and providers always need corresponding changes in access rights and monitoring. These should be part of a rigorous cyber-security strategy.

  • Two bugs, Meltdown and Spectre, render your devices vulnerable

    An alarming start to eHealth’s New Year’s a claim by The Register that there are two bugs in chips used in the vast majority of computers and smart phones. It’s important for Africa’s eHealth vulnerability. It says severe design flaw in Intel microprocessors allows sensitive data, such as passwords and crypto-keys, to be stolen from memory.

    It seems that Intel's CPUs could allow applications, malware, and JavaScript running in web browsers to access confidential information in private, hidden memory areas. These zones often contain files cached from disk, a view onto the machine's entire physical memory. Intel's flaw’s called Meltdown. 

    Arm and AMD processors are affected too, but Meltdown doesn’t affect AMD processors. AMD says there its chips risk are near-zero. Arm has produced a list of its affected cores, typically in smartphones, tablets and other handheld devices. It links to a set of workaround patches for Linux systems. 

    Chips in desktop PCs, laptops, phones, fondleslabs and backend servers don’t completely walk back every step they take when they've taken a wrong path of code. Consequently, data remnants they shouldn't have been allowed to fetch remain in their temporary caches and can be accessed later. 

    Spectre allows apps to extract information from other processes running on the same system. It can be used by code to extract information from its own process too. AMD says its processors are practically immune to Variant 2 Spectre attacks. As for Variant 1, microcode updates or recompiled software’s needed. Google’s confident that ARM-powered Android devices running the latest security updates are protected due to measures already in place to thwart exploitation attempts, especially access to high-precision timers needed in attacks. The Register lists security patches, mitigations and updates for Google's products, including Chrome and ChromeOS. 

    It remains to be seen if the proposed fixes, patches and updates fix the vulnerabilities. It leaves Africa’s eHealth with a big headache in their current limbo.

  • eHealth's 'good to great' formula for 2018

    Amit Ahlawat in his book, “Seven Ways to Sustained Happiness”, says, “New doors open up; we stop looking back, enjoy the present and start planning and prioritising for the future in an optimal and optimistic manner." Similarly, as the doors of 2018 have swung open, eHealth must look forward, carrying with it the wins and lessons from 2017 to plan for an optimistic future. So, what does this future look like?  More importantly, what are Africa’s  eHealth priorities in 2018?

    2017 left us with a whirlwind of eHealth innovation, some big wins and some great lessons. Over the past few days, every noteworthy eHealth blogger, author and fund have written about their insights for 2018. As a young voice in this industry, I’d like to share my eHealth predictions for the year ahead. 

    My infatuation with analytics leads me to my first prediction; 2017’s curiosity with BDdata will result in greater investment in analysing data and making it more useful in 2018. eHNA’s published several articles over the last two years around the need for predictive analytics and the applications of Machine Learning (ML) in Africa’s healthcare. Micromarket Monitor predicts a Compound Annual Growth Rate (CAGR) of over 28% in predictive analytics investment in the Middle East and Africa by 2019.  Growth will be driven by the high penetration of new technologies in eHealth, rapidly increasing eHealth start-ups in Africa and the deluge of data they generate.

    Next, the rise in mHealth applications will swing more users towards Bring Your Own Devices (BYOD). While  it’s been a hot topic in 2017, Africa’s eHealth seems unconvinced by it. An eHNA article reported that over 90% of healthcare workers own a smart device. Barring security concerns, mHealth’s growing use in clinical decision support and healthcare delivery will propel government and organisations towards developing BYOD strategies. 

    Unsuspectingly, gamification may grab lots of attention this year. As healthcare moves away from a reactive to a proactive response, gamification may provide a large helping-hand in behaviour modification and awareness. It’s already created a sensation with Pokemon Go. Research suggests it improves physical and mental health.

    There’ll be many more predictions and events for Africa’s eHealth in 2018. The success of these will be underpinned by prioritising and investing in:

    Developing eHealth leadershipChange managementRisk managementCyber-security. 

    eHealth needs a unique type of leader with the right eHealth perspective, insight and skills to identify and maximise Africa’s eHealth opportunities. Without this, opportunities may not be seized. Acfee feels strongly about this and has put together a number of resources to develop eHealth leaders and champions.

    Change management’s vital for eHealth transformation. It helps stakeholders understand, commit to, accept and embrace the changes that eHealth brings with it. Prosci reports that projects with excellent change management are six times more likely to meet their objectives than projects with poor change management.

    Lastly, no endeavour is without risk. England’s WannaCry crisis and spambot Onliner are proof that eHealth and innovation will attract a fair amount of risk. 2017’s frenzy around cyber-security has taught us some valuable lessons. Lessons that need to carried into this year and strongly embedded into risk management protocols. For preparedness is no luxury, but a cost to eHealth’s progression and efforts.

    I look upon 2018 with great zeal and zest for the infinite opportunities that lie ahead. 2017 has shown that Africa has a promising eHealth future ahead of us, and the contributions you make as innovators, collaborators and visionaries can only strengthen it. I wish you all a prosperous new year and hope that you will remain in our readership as we unfold 2018’s innovations and breakthroughs.

  • What were the top ICT stories in 2017?

    Now 2017’s history, the significant ICT themes can be seen. A retrospective by Health IT Analytics found the top ten from its posts. They’re Big Data, Fast Healthcare Interoperability Resources ( FHIR) and machine learning are included. They’re:

    Top 10 Challenges of Big Data Analytics in HealthcareTop 4 Machine Learning Use Cases for Healthcare ProvidersWhat is the Role of Natural Language Processing in Healthcare?Judy Faulkner: Epic is Changing the Big Data, Interoperability GameHow Healthcare can Prep for Artificial Intelligence, Machine LearningExploring the Use of Blockchain for EHRs, Healthcare Big DataHow Big Data Analytics Companies Support Value-Based HealthcareBasics to Know About the Role of FHIR in InteroperabilityData Mining, Big Data Analytics in Healthcare: what’s the Difference?Turning Healthcare Big Data into Actionable Clinical Intelligence. 

    It’s a valuable checklist for Africa’s health informatics and ICT professionals for there personal development plans. eHealth leaders can use it too to ensure their eHealth strategies either include initiatives for the top ten, or lay down the investigative and business case processes for future plans. 

  • NIST updates its cyber-security framework

    Cyber-security measures keep stepping up. The US National Institute of Standards and Technology (NIST) has updated its proposals in its report on the Revised NIST Infrastructure Cybersecurity Framework. eHNA briefly summarised NIST’s first report. 

    Its core comprises four elements: functions, categories, sub-categories and informative references. They stretch across five aspects:

    IdentifyProtectDetectRespondRecovery.

    Four tiers are part of its overall risk management methodology: 

    Tier 1: partial:> Risk management >Integrated risk management programme>External participationTier 2: risk informed:Tier 3: repeatableTier 4: adaptive.

    Each tier has different degrees of rigour in its three common categories of: 

    Risk managementIntegrated risk management programmeExternal participation, 

    Organizations can adopt the framework now. It provides Africa’s eHealth teams with a sound template to work towards.

  • Eleven cyber-security measures can reduce risks

    Healthcare’s cyber-security risks are increasing partly due to eHealth trends. AA whitepaper from Osterman Research, sponsored by KnowBe4, a cyber-security training firm, describes them. Protecting Data in the Healthcare Industry also sets out eleven good practices than can help to mitigate the risks. It’s important for two reasons:

     Healthcare deals with life and death, so can’t afford disruptionCyber-breach disruption damages healthcare’s reputation and value. 

    Increasing cyber-threat is a combination of eHealth and criminal trends. eHealth trends include: 

    Increasing cloud use for file storage and sharingSystematic under-investment in cyber-securityData breaches are becoming more commonHealth workers face an expanding array of eHealth communication and collaboration tools

    Cyber-criminals’ activities and trends include:

    Healthcare personal data has a high criminal valuePhishing and ransomware growth.

    Adopting and sustaining good practices are essential. Eleven set out in the whitepaper are:

    Take cyber-security risks seriouslyBuild cyber-threat awareness across healthcare organisationsDevelop and implement cyber-security strategiesEstablish thorough, detailed and effective cyber-security policiesEnable encryption at every pointUse cyber-threat intelligenceTest cyber-attack recovery capacity and capabilityInvest in cyber-security awareness trainingGovern user behaviour for tools, devices, and repositoriesTighten password policies and account accessEnsure effective cyber-security defences are in place and working smoothly. 

    These provide a helpful checklist for Africa’s eHealth. After it’s complete, it’s important that the actions and investment revealed as needed are implemented. Without it, cyber-holes will remain.

  • Will AI improve cyber-security?

    AI is seen as a big step up in eHealth and healthcare. Will it help to improve cyber-security too? Forrester, a strategy firm, says it will. Its report Artificial Intelligence Will Revolutionize Cybersecurity But Security Leaders Must View All Vendor Claims With Skepticism also offers caution.

    While AI can help, pure AI, the sci-fi version won’t. It’s the building block technologies of pragmatic AI that can provide applications that can support cyber-security in dealing with about current and future threats. Like all solutions, AI’s not a silver bullet, but it’s part of the cyber-security armoury that can help analysts to keep up with new and emerging threats and the daily deluge of alerts and events they have to deal with every day. This emphasises an important AI theme. Human knowledge is paramount and can be enhanced by AI.

    AI for cyber-security’s a second joint priority. About 34% of organisations say it’s their objective, the same percentage as improving analytics and insights. Better ICT efficiency’s the top priority at about 40%.

    Some AI vendors are incorporating one of more components into their services. The range includes: 

    Biometrics to authenticate users unique physical characteristicsNatural language processing (NLP) technology to reads and understand people’s textMachine learning, composed of tools, techniques, and algorithms to analyse dataDeep learning, a branch of machine learning focusing on algorithms that construct artificial neural networkSecurity automation and orchestration (SAO) to help with cyber-threat investigations and responses.Cyber-security analytics.

    Forrester sets out six ways to scale cyber-security with machine learning. It identifies and advantage and disadvantage of each one. The core role is automatically identifying suspicious, anomalous patterns and user behaviour that appear faster. The techniques are:

    1. Thresholds set on continuous metrics to detect anomalies. Advantage: thresholds are very simple to configure. Disadvantage: they may detect situations after the fact, not before

    2. Built-in rules using vendors’ years of expertise can automatically raise alerts based on this internal. Advantage: built-in rules require little setup and codify vendors’ expertise with other customers. Disadvantage: rules may not exist for all threat surfaces and may be based on outdated information

    3. Customisable rules to let cyber-security professionals apply their experience using their organisations’ own unique complex combinations of software and systems. Advantage: security professionals can codify their expertise in the solutions. Disadvantage: they may create rules based on theories instead of concrete data

    4. Built-in models, can go beyond rules created by people to address complex relationships from historical data faster and find complex, nuanced relationships than people can. Advantage: models are created by machine learning algorithms that analyse historical cyber-security data, yielding better predictions that improve over time. Disadvantage: models need more data science knowledge to tune and maintain.

    5. Built-in models can learn the peculiarities of organisations’ cyber-threat surface. Advantage: predictive models are based on actual data collected from infrastructure and analysed by machine learning algorithms. Disadvantage: false positives and false negatives are often problems with predictive models generated by machine learning

    6. External, importable models let organisations’ communities share knowledge. Advantage: organisations can share and reuse AI models used for cyber-security. Disadvantage: community models may vary widely in efficacy and applicability to specific organisations.

    The report provides Africa’s health systems sophisticated, balanced insights into AI’s wider user. It is essential to include its perspectives into their eHealth strategies with AI having more than one role in frontline healthcare. It adds a new, constructive dimension to eHealth’s essential cyber-security strategies and plans.

  • England’s NHS could have prevented the WannaCry cyber-security breach

    It was a bad day for England’s NHS. On 12 May, the WannaCry ransomware attack breached over a third of its organisations’ cyber-security defences. Without access to data, many patient services and schedules were disrupted and brought to a halt. It was a shock to the health system. NHS Digital believes not data was stolen.

    A report from the UK’s National Audit Office identified 14 facets of the breach. The lessons are essential for Africa’s eHealth. 

    The NHS was not the specific target, but it resulted in a major incident and emergency arrangements to maintain health and patient careOn the evening of 12 May, a cyber-security researcher activated a kill-switch, stopping WannaCry locking devices and avoiding more disruptionWannaCry was the largest cyber-attack to affect the NHS, following attacks on several organisations, the NHS trusts, before 12 May 2017, two of which breached by WannaCry had been breached beforeThe Secretary of State for Health asked the National Data Guardian and the Care Quality Commission (CQC) to reviews and report on data security, identifying, in July 2016, that cyber-attacks could lead to patient information being lost or compromised and jeopardise access to EPRs, resulting in all health and care organisations needing to provide evidence that they were improving cyber-security, including moving off old and obsolete operating systems, such as Windows XPThe Department of Health (DoH) and its arm’s-length bodies did not know if local NHS organisations were prepared for cyber-attacks, including their responses to NHS Digital alerts in March and April 2017 warning organisations to patch their systems to prevent WannaCry, crucial knowledge because NHS Digital cannot mandate local bodies to act, even if it has vulnerability concernsWannaCry spread across the Internet, includingthe broadband network connecting all NHS sites in England, the N3 network, but there were no instances of it spreading across the NHS email system, NHSmailAt least 34% of England’s NHS trusts were disrupted, but DoH and NHS England don’t know the full extent of the disruptionThe scale and scope of the disruption isn’t known, but an estimated 19,000 thousand appointments were cancelled, operations were cancelled and in five areas, patients had to travel further to A&E departmentsThe Department, NHS England and the National Crime Agency confirmed that no NHS organisation paid the ransom, in line with NHS Digital advice, but the DoH doesn’t know how much the service disruption cost the NHS and patientsA DoH plan that included roles and responsibilities of national and local organisations in responding to cyber-attacks had not tested at local levels, so the NHS was not clear about actions it should take when WannaCry struck, a deficiency exacerbated because WannaCry was different to previous incidents, such as a major transport accident, and took more time to determine the cause and scale of the problemWithout rehearsals for a national cyber-attack, it was not immediately clear who should lead the response, and there were communications problems tooIn line with its existing procedures for managing a major incident, NHS England initially focused on maintaining emergency care All organisations infected by WannaCry shared the same vulnerability and could have taken relatively simple action to prevent the breach by patching obsolete Windows operating systems and managing their firewalls facing the Internet would have guarded organisations against infection.

    In response, the NHS’s:

    Developing a response plan setting out what it should do to respond to cyber-attacksEstablishing roles and responsibilities of local and national NHS bodies and the DoHEnsuring organisations implement critical CareCERT alerts for emails sent by NHS Digital providing information or requiring action, including applying software patches and keeping anti-virus software up to dateEnsuring essential communications work during attacks when systems are downEnsuring organisations, boards and their staff take cyber-threats seriously, understand the risks to front-line services and work proactively to maximise their resilience and minimise impacts on patient care. 

    Since WannaCry, 39 CareCERT alerts have been issued by NHS Digital between March and May 2017. They require essential action to secure local firewalls.

    These insights and lessons are valuable for Africa’s eHealth. They provide a component of the cyber-security strategies and plans they need.