Since the boom of technology in healthcare, doctors and hospitals are slowly being released from the need for physical proximity for care delivery. This has been accelerated by the big move towards remote care and telehealth due to the pandemic. The healthcare industry has also significantly benefited from connected devices such as remote patient monitoring devices, sensors, wearables, and records management software. According to a 2020 Forrester report, the number of connected devices makes up 74% of the devices in the healthcare industry. However, this modernization of healthcare comes with its pitfalls. The threat landscape is growing exponentially, with healthcare organizations moving beyond defined physical boundaries. With the surge in connected devices, medical device security is also now a global concern. For example, the 2017 WannaCry ransomware attack had a widespread impact on National Health Service hospitals in England and Scotland, with as many as 70,000 devices affected.
Recent years have witnessed a significant increase in the number of cyberattacks. It is reported that the healthcare industry is prone to cyberattacks two or three times more than other industries. The US Department of Homeland Security, the FBI, the Interpol, and the United Kingdom’s National Cyber Security Centre have issued several advisories to healthcare organizations on the rise in cyberattacks and ransomware.
Cyberattacks in Healthcare
Cybersecurity in healthcare includes protecting data and electronic assets from unauthorized access, use, or disclosure. Some of the common cyberattack routes that can lead to credentials misuse, data, and/or resource hijack include:
- Ransomware through which the hacker can use malware to take control over individual devices or servers in exchange for money or other demands
- Malicious websites that can collect data or hack the device
- Phishing attacks through emails
- Blind spots in encryptions that go undetected during inspections
- Weak passwords and unencrypted devices
Despite the surge in cyberattacks, typically most healthcare organizations allocate only a minuscule portion of the total IT budget for cybersecurity. These attacks affect the delivery of patient care across healthcare facilities. In addition to the fact that sensitive private data gets compromised and can be misused, these incidents can harm patients as tampering of records can result in wrongful diagnoses or delays in treatment.
Cyber Security Strategy
The three goals of cybersecurity, also known as the ‘CIA triad,’ focus on protecting the confidentiality, integrity, and availability of information. Market research leaders such as Gartner & Forrester recommend that organizations within the government and the private sector take a collaborative, layered approach to protect patients and their data from cyber threats. To that end, the various aspects that healthcare industry players must focus on while preparing a cybersecurity strategy are:
- Architecture analysis
- Effectiveness of analytics and reporting
- Preparation for attack
- Threat research
- Device visibility
- Vulnerability management
- Market approach
To plan an effective cybersecurity strategy companies must involve different teams including the CISO, CIO, infrastructure & application leaders & teams, security & risk management teams, etc. The different steps need to typically include alignment of strategy to organizational security & business goals, development of an action plan based on vulnerability assessment, board buy-in/resource backing, and policy framework, execution leveraging the right tools, technologies, and skillsets, program maturation through critical incident response, advanced analytics, and employee training/enablement, continuous reassessment & realignment through metrics & feedback, and required optimizations.
Cyber Security Planning
Although the above form the base to start a cybersecurity strategy, implementing recommended safety practices depends on the organization’s size, complexity, and type. The key factors can be categorized as health information exchange partners, required IT capabilities, cybersecurity investment required, healthcare service provider size, and service complexity. Once these factors are established, a cybersecurity system with at least the following components must be implemented:
- Firewall – Build a robust firewall to protect the system from outside threats
- Access categorization – Regulate admission or access to suspicious and infected websites to protect the system
- Intrusion Detection System (IDS) – Use IDS to analyze inbound and outbound traffic based on traffic logs
- Intrusion Prevention System (IPS) – Compliment IDS with IPS to control traffic based on the maliciousness of the user
- Policy management – Develop a set of rules that helps strengthen the firewall security of the system.
- Virus scanning capabilities – Implement antivirus systems such as Avast, McAfee, Norton to help improve protection against malware, spam, and phishing.
- Security Information Event Management (SIEM) – SIEM helps manage and record attacks on the network.
- Patching – Regular patches for computers and programs must be done without delay to avoid system compromise
- Continuous end-user education – To build a network defense, the users must have a fair understanding of the different types of threats. Knowledge about trusted networks, password strength, and even email etiquette must be known to all users.
- System updates – To reduce the risk of hacking and viruses, update the software to the latest version. Keeping software up-to-date will mitigate the attack of malware.
GAVS for Cyber Security
Leveraging the alliances of global technology leaders in Cyber Defense, Endpoint Security, IAM, and others, GAVS delivers superior AI-led cybersecurity services to proactively manage risk. From assessment, operations, and strategy, GAVS offers various services including:
- Assessment and advisory services
- Security operations
- Digital identify services
- Security project implementation
- DevSecOps and cloud security
As the dependency on technology increases, robust cybersecurity is imperative to conduct day-to-day operations, protect data, and improve patient safety. The healthcare industry must prioritize cybersecurity initiatives from fiscal, technical, and operational standpoints by upgrading or replacing legacy systems, implementing cybersecurity awareness and training programs, conducting continuous end-to-end security risk assessments, increasing budgets, and most of all, considering cybersecurity an integral part of organizational strategy and not as a stand-alone initiative.
To learn more about GAVS cybersecurity offerings, please visit https://www.gavstech.com/service/security-services/.