Supply Chain Security in Healthcare: Surviving Inevitable Threats
In 2022, Gartner estimated that by 2025, 45% of organisations will have experienced a supply-chain cyber-attack – a prediction that unfortunately appears to be coming to fruition. This year, however, presents an even more dangerous landscape, particularly for organisations operating critical national infrastructure (CNI), such as healthcare providers.
With over 50 countries running high-stakes elections in 2024, the potential for severe disruption has never been higher. Threat actors will be looking to take advantage of poorly protected CNI operators with sprawling supply chains to work their way into governmental networks and wreak havoc, and healthcare organisations are a perfect entry point.
Healthcare organisations often struggle with time and resource constraints, leading many to outsource services such as HR, payroll, and cleaning. This creates a sprawling ecosystem of partners, each representing a potential entry point for an attack. On top of this, healthcare organisations are almost always connected to third-party pharmaceutical suppliers, academic institutions, and software vendors – creating a complex network of players outside of the organisation’s control.
Additionally, healthcare relies heavily on operational technology (OT) for many critical functions. Because of its size and value, OT often has a very long lifespan, which prevents newer operating systems from being adopted. This makes it extremely difficult, sometimes nearly impossible, to apply critical software updates, leaving outdated systems open for cybercriminals to exploit.
The allure for cybercriminals is clear – a single breach can grant them access to multiple organisations within the supply chain. This foothold allows them to disrupt operations and steal sensitive patient data, and because many healthcare organisations have a direct connection to government networks, such as the NHS, it also gives threat actors the opportunity to move across the supply chain to the bigger players.
The potential ROI is simply too high for bad actors to ignore, especially in an election year when causing major disruptions might be particularly appealing.
Risk evaluation & communication are key
The key for healthcare organisations lies in proactive security measures. These involve taking a long-term approach to security by evaluating their supply chain partners and the threat landscape to develop a comprehensive strategy that focuses on preventing breaches before they occur.
Architectural best practices: It starts with your own network
Network architecture plays a vital role in minimising risk, so organisations must make sure they are working with secure networks before any improvements to their supply chain security can be done. Methods such as implementing strong authentication protocols to ensure only authorised users can access sensitive data and systems, isolating critical systems to prevent a breach in one area compromising the entire network, and prioritising ongoing patch management, are basic strategies that can go a long way in terms of risk mitigation.
These measures ensure that systems are kept up to date and secure, closing any loopholes for cyberattacks.
Supplier Vetting: You’re only as strong as your weakest link
Supplier cybersecurity posture should never be taken at face value. Every organisation, especially those operating CNI, should conduct comprehensive risk assessments when onboarding new players in their supply chains. Evaluating security strategies and adherence to best practices is a great place to start, but organisations can go even further by evaluating alignment with standards such as ISO 27001 and NIST 2.0.
Compliance with these internationally recognised certifications demonstrates a commitment to robust security protocols, giving organisations peace of mind that the partner they’re recruiting will not become a weak link for threat actors to exploit. But vetting shouldn’t stop after the initial assessment – regular audits of all partners are essential to identify any new vulnerabilities and to ensure the entire supply chain remains secure.
Third Party Risk Management: Communication is key
A well-defined and agreed-upon risk management programme can be a lifesaver for everyone with a link to the supply chain. It is in every organisation’s best interests to be as secure as possible, so partners should be disclosing any new or potential vulnerabilities they discover to all key players. Having a risk mitigation plan that launches into action across the whole supply chain should a vulnerability or breach be discovered would significantly decrease the likelihood of any sensitive data being compromised, as well as block threat actors from moving across the supply chain and infiltrating other networks.
Find the threats at their source
The next, and possibly newest, approach to proactive security is dark web monitoring. Stolen data is often offered for sale on the dark web, an environment where cybercriminals can communicate anonymously. By tapping into dark web intelligence, organisations can stay one step ahead of threat actors, getting an upper hand on both breach prevention and data recovery.
Some benefits of dark web monitoring include:

Data Collection: Dark web monitoring can reveal data breaches that may not have been made public yet, allowing organisations to take the necessary steps to protect themselves. This may include launching their incident response plan earlier than normal and notifying potentially affected individuals or organisations within their supply chain.

Supply Chain Security Monitoring: Proactive monitoring can identify compromised suppliers within the organisation’s network before the breach is disclosed. This again allows for quick mitigation efforts, significantly reducing the impact of the breach.

Incident Response: Data collected from the dark web can inform incident response strategies by helping organisations understand the nature of the breach, allowing them to evaluate the scope of the response that is necessary. In a similar light, it can allow organisations to verify the veracity of the threat. Bad actors will often overstate the amount of data they’ve stolen to pressure organisations into complying with their demands. Dark web monitoring allows organisations to investigate their claims and gain a clearer picture of the actual situation.
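As an added illustration of the three benefits listed above (it is not code from the original article), the Python script below triages a constructed dark-web “data for sale” listing: it attributes each sampled row to the organisation or to the named supply-chain partner it belongs to, so that partner can be notified early, and it checks how many of the rows naming the organisation’s own domain correspond to real accounts in its directory, as a crude test of whether the seller’s claimed haul is credible. The domain inventory, supplier names, account directory, password hashes and listing contents are all constructed placeholders, not real data.

```python
"""Triage of a constructed dark-web 'data for sale' listing against an
organisation's own domains and its supply-chain partners.

Added example, not from the original article. Every domain, supplier name,
account and listing row below is constructed for illustration only.
"""
from __future__ import annotations

import re
from collections import Counter
from dataclasses import dataclass, field

# Constructed inventory: which e-mail domains are ours and which belong to a partner.
MONITORED_DOMAINS: dict[str, str] = {
    "example-hospital.test": "self",
    "payroll-partner.test": "supplier:PayrollCo",
    "cleaning-partner.test": "supplier:CleanCo",
    "pharma-partner.test": "supplier:PharmaCo",
}

# Constructed directory of accounts that really exist in our organisation.
# Used to test whether a seller's sample names genuine accounts or recycled junk.
KNOWN_ACCOUNTS: set[str] = {
    "a.nurse@example-hospital.test",
    "it.admin@example-hospital.test",
    "records@example-hospital.test",
}

# Credential-dump style row: "address@domain" optionally followed by ":<anything>".
EMAIL_RE = re.compile(r"^([A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+))(?::.*)?$")


@dataclass
class Listing:
    """A seller's advert: the record count they claim plus the 'free sample' rows."""
    claimed_records: int
    sample_lines: list[str]


@dataclass
class TriageReport:
    claimed_records: int = 0
    by_entity: Counter = field(default_factory=Counter)      # entity -> matched sample rows
    unknown_domains: Counter = field(default_factory=Counter)  # rows that are not ours to act on
    notify: list[str] = field(default_factory=list)          # partners to contact about the listing
    verified_fraction: float = 0.0                           # own-domain rows that are real accounts
    credibility: str = "unverified"


def triage_listing(listing: Listing,
                   monitored: dict[str, str] = MONITORED_DOMAINS,
                   known: set[str] = KNOWN_ACCOUNTS) -> TriageReport:
    """Attribute each sample row to us or a named partner and rate the seller's claim."""
    report = TriageReport(claimed_records=listing.claimed_records)
    own_rows = own_real = 0
    for raw in listing.sample_lines:
        m = EMAIL_RE.match(raw.strip())
        if not m:
            continue  # not a credential-style row; nothing to attribute
        email, domain = m.group(1).lower(), m.group(2).lower()
        entity = monitored.get(domain)
        if entity is None:
            report.unknown_domains[domain] += 1
            continue
        report.by_entity[entity] += 1
        if entity == "self":
            own_rows += 1
            own_real += email in known
    # Every partner whose domain appears in the sample should hear about it before disclosure.
    report.notify = sorted(e.split(":", 1)[1] for e in report.by_entity if e.startswith("supplier:"))
    if own_rows:
        report.verified_fraction = own_real / own_rows
        # Heuristic only: a sample that mostly names real accounts supports the seller's claim;
        # one that mostly does not suggests recycled or fabricated data behind an inflated number.
        report.credibility = "likely genuine" if report.verified_fraction >= 0.5 else "doubtful"
    return report


# Constructed listing: one non-existent account, two partner rows, one unrelated row, one junk line.
SAMPLE_LISTING = Listing(
    claimed_records=250_000,
    sample_lines=[
        "a.nurse@example-hospital.test:5f4dcc3b5aa765d61d8327deb882cf99",
        "it.admin@example-hospital.test:e10adc3949ba59abbe56e057f20f883e",
        "ghost.user@example-hospital.test:d41d8cd98f00b204e9800998ecf8427e",
        "hr@payroll-partner.test:25d55ad283aa400af464c76d713c07ad",
        "ops@cleaning-partner.test:5f4dcc3b5aa765d61d8327deb882cf99",
        "someone@unrelated-shop.test:098f6bcd4621d373cade4e832627b4f6",
        "garbage line without an address",
    ],
)

if __name__ == "__main__":
    r = triage_listing(SAMPLE_LISTING)
    print("claimed records:", r.claimed_records)
    print("rows per entity:", dict(r.by_entity))
    print("notify partners:", r.notify)
    print("own accounts verified: %.0f%% -> %s" % (100 * r.verified_fraction, r.credibility))
```

The credibility score is deliberately simple: it only asks whether the addresses the seller shows actually exist in the directory, which is the cheapest check an incident responder can make without touching the claimed password material. On the constructed listing, two of the three own-domain rows are real accounts, both partners are flagged for notification, and the unrelated domain is set aside.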
In a high-stakes year such as this, breaches are inevitable, but organisations can significantly reduce their risk by taking proactive measures to secure themselves and their supply chains. It is no longer about ‘if’ they suffer a breach, it’s about ‘when’, so preparation is crucial.