Matt Lock from Varonis outlines strategies to combat ransomware
Ransomware is on the rise but the healthcare industry and the NHS need to learn the lessons from recent attacks. While it is generally welcomed that the government will introduce new regulatory scrutiny of data security for trusts and harsher penalties for serious data breaches. There is a need to mitigate the threats to essential services and establish how best to reduce the ease with which such cyberattacks can spread.
Hospital Times turned for advice to Matt Lock, Director of Sales Engineers at cyber security specialists Varonis, which is a leading provider of access management software solutions that protect data from insider threats and cyberattacks. New York-based Varonis, which is 12 years old, allows organisations to analyse, secure, manage and mitigate their volumes of unstructured data.
Matt has more than 17 years’ experience in the field of network security, which includes extensive contracts with many global businesses, including BP and JP Morgan. Specialising in risk assessment, risk management, policy compliance, security reviews and network behaviour anomaly systems, he now leads Varonis’ sales engineering team in the UK, Ireland and the Middle East. His team is helping customers and partners from a range of sectors in data governance projects, and organising, securing, and managing their unstructured data.
He says: “We need to get better at protecting the data itself, face up to the challenges of overly permissive data access, and grasp the importance of setting a ‘least privilege model’ in which only those that ‘need to know’ have access. One challenge is that there was a growing trend in the past towards improving accessibility of data and integration for employees whether in healthcare or other service sectors. In the NHS this openness means that when an attack strikes, more services such as A&E departments could be impacted.”
In the UK in the wake of the WannaCry ransomware attack in May, which infected at least a fifth of NHS trusts, the focus of the government response has now moved towards cybersecurity rather than patient consent or opt-outs.
Varonis has 6,500 customers worldwide of whom some 10 per cent are in the UK and Varonis firmly believes that protecting the perimeter of an organisation is not the only solution. According to the Varonis web site 47 per cent of organisations have at least 1,000 sensitive files open to every employee. But there is an answer. More than 30 per cent of enterprises caught instances of suspicious user behaviour or malware after deploying Varonis—a data security platform that protects file and email servers from cyberattacks and insider threats.
What happens if cyber attackers roam free?
Matt says: “The danger is that organisations concentrate on protecting their perimeter without focusing on what happens if a cyberattack succeeds and the intruders roam free once they are inside. It is as if I’d given you £1 million for a security guard for the perimeter and then nothing for the inside.”
However, Matt recognises that first and foremost “cultural change” is needed in many organisations including healthcare for employees to embrace new governance models where they accept that don’t need access to data that they don’t need to fulfil their role in an organisation. He says: “Varonis has developed a security platform to let organisations track, visualise, analyse, and protect their unstructured data but the cultural change is very important involving a complete change of approach for many staff. There is a need for ‘data owners’ and for departments within a business to take control of their own data.”
So how does Varonis security software play its part? The Varonis web site has an answer for that. “We analyse the behaviour of the people and machines that access your data, alert on misbehaviour, and enforce a ‘least privilege’ model.” As Matt sees it more rigorous policies within organisations and better education in respect of access to sensitive data are an essential step They will combat the dangers of growing threats from ransomware and the damage that such disruption can do to vital services in healthcare and related fields.