In the wake of the WannaCry ransomware attack, two cybersecurity experts suggest that if hospitals are not already using techniques such as multifactor authentication and public key infrastructure certificates, they need to head in that direction.

The ransomware hit the U.K.'s public health system and affected 150 countries, infecting more than 200,000 computers worldwide.

In the U.K., 48 of 248 National Health Service trust hospital networks were reportedly disrupted by this ransomware attack, resulting in staff being unable to access their systems and patients not being able to seek treatment, James Scott, senior fellow at the Institute for Critical Infrastructure Technology in Washington, said in an email. The institute advises the private sector, federal agencies and the legislative community about cybersecurity.

"This was a significant event because the ransomware spread so quickly and without going through email," David Reis, senior vice president and CIO at Lahey Health in Burlington, Mass., said in an email. "It was the worm portion of this event, which used a vulnerability only patched by Microsoft in March that probably contributed to the speed of the propagation."

Healthcare organizations should invest "in comprehensive, layered security solutions that incorporate traditional antimalware, multifactor authentication, etc., as well as bleeding-edge technologies such as AI algorithmic defense solutions, which detects, mitigates and preempts threats before malicious code executes on the system," Scott said.

Multifactor authentication is a security approach in which more than one method of identity verification is needed to allow a login or access.

PKI also promotes greater authentication Hospitals should also look into public key infrastructure (PKI) digital certificates, Jason Sabin, CSO at DigiCert, a security certification company located in Lehi, Utah, said in an email. PKI certificates allow organizations to: The WannaCry ransomware attack serves as a reminder of the consequences of lagging cybersecurity across many industries, including healthcare, and the need for improved, standardized practices. Jason SabinCSO, DigiCert enable efficient and secure patch management and over-the-air updates; authenticate every node in the network, including all devices -- such as mobile and medical devices -- and connection points; and

ensure message integrity through PKI deployment to only allow recognized and signed code access. Scott advised that healthcare organizations adopt a layered defense given that ransomware attacks are continuing to escalate in scale. "Organizations that fail to protect their systems and patients according to best practices and with bleeding-edge technologies, such as defense-grade artificial intelligence solutions, will be easy victims for even unsophisticated cyberattackers," Scott said.