Skip to the content

Welsh social care sector urged to prioritise measures for cyber security

05/01/24

Mark Say Managing Editor

Get UKAuthority News

Share

'cyber security' over laptop
Image source: istock.com/Maria Novotna

Wales’ national cyber security body has raised a warning about threats to the country’s social care sector.

The Cyber Resilience Centre for Wales (CRCW) said that outdated IT systems often make social care organisations an attractive target for cyber criminals and that there is a need to prioritise the issue.

It highlighted the danger of cyber breaches from former employees, saying they often stem from organisational failures such as improperly identifying a change in employee status, which can lead to permissions being set higher than necessary and create security weaknesses.

It outlined five steps to strengthen resilience, including the provision of clear HR policies to ensure any staff leaving an organisation have documented and audit exit interviews to include the return of company IT equipment and cancellation of passwords.

Secondly, staff should be made aware of the types of cyber attack and methods to identify them, and understand the importance of strong and unique passwords and the risks of sharing too much information on social media.

Access controls and logging

These should be accompanied by the introduction of strong access controls for IT systems, and internal network logging to make it possible to spot any unusual activity – such as a heavy volume of emails suddenly coming from outside an organisation’s network.  

Finally, there is a need for policies and procedures covering data control and access, such as limiting the number of attachments that can be sent out at once and providing staff with policies on data handling and password security.

WCRC has recently partnered with the Welsh Government in an initiative to provide free cyber security training for staff in social care.

 

Register For Alerts

Keep informed - Get the latest news about the use of technology, digital & data for the public good in your inbox from UKAuthority.