How healthcare providers can better manage the risk presented by their supply chains


The cyber attack on London hospitals is a stark reminder of the real world impact that malicious hackers can have, and the ongoing third party risk facing hospitals. The disruption of this attack is deeply concerning.

Healthcare organisations, faced with time and resource constraints, often outsource services such as HR, payroll, and cleaning services. On top of this, hospitals are connected to countless third-party pharmaceutical suppliers, academic institutions, and software vendors. This creates a sprawling ecosystem of partners, each representing a potential entry point for an attack.

With supply chains continually targeted by cybercriminals, it has never been more important for organisations to assess the cybersecurity maturity of third-party suppliers during the tendering process and adopt proactive solutions to bolster their cyber resiliency. Enterprises should ensure that software is up-to-date, and that liability is contractually agreed in the event of a breach. They should also establish good cyber hygiene with measures like consistent cybersecurity training for employees, multi-factor authentication (MFA), and regular data back-ups.