"Who would be interested in stealing patient data?"
Unfortunately this attitude is still common and it is precisely this together with the slow rate of change of healthcare technology refresh that exposes healthcare organisations to a very high risk of cyber attack.
Professor Trish Williams described the reasons in the 2017 Conference Health Informatics Society of Australia: "ransom for money; denial of service for malice and money; stealing confidential data; compromising data; identity theft and compromising devices".
There is little need to expand on the scale of the disruption by a cyber incident to busy healthcare providers operating at capacity.
The healthcare industry is plagued by a myriad of cybersecurity-related issues. These issues range from malware that compromises the integrity of systems and privacy of patients to distributed denial of service (DDoS) attacks that disrupt facilities’ ability to provide patient care. While other critical infrastructure sectors experience these attacks as well, the nature of the healthcare industry’s mission poses unique challenges:
Healthcare networks not only include clinics and doctor’s offices, but things like Internet-based consulting with remote healthcare providers or patients, multi-cloud IaaS and SaaS environments, and connected medical devices both inside hospitals and deployed with patients. Increasingly, distributed healthcare organizations heavily rely on information sharing across disparate users and departments.
All this adds up to an expanding attack surface that is increasingly difficult to address using traditional security devices and strategies. The challenge is that this is happening just as cyber-criminals are redoubling their efforts to target the valuable data that healthcare networks contain.
How to increase protection and resilience
To protect themselves from these cyber threats, healthcare organizations can take several courses of action. But a one-size-fits-all approach doesn’t apply to every healthcare organization. Rather, security requirements and implementations vary based on how the organization has deployed its technology resources, and what is considered critical to the business and patient care.
A number of foundational strategies are a fundamental place to start:
1. Good Cyber Hygiene at the endpoint level: Automation and reporting of Operating System and software updates.
2. Good network traffic control and segmentation with the use of next generation firewalls.
3. Transparent Visibility and Control across the entire attack surface including your cloud based software is a must. With Privacy Act Notifiable Data Breach Scheme enforced since 2018, not having visibility is no longer an option.
4. Advanced Threat Intelligence is required in a present time when traditional security approaches cannot keep pace with the state of current attacks. Artificial Intelligence and Threat Intelligence engines can detect tactics and techniques being used to exploit vulnerabilities and offer effective options for such things as prioritising patching, accelerating remediation efforts. Furthermore, machine learning capabilities can self-detect anomalies and communicate information about them across all points of the network in real time, shrinking attack, intrusion, and breach windows.
At PRACSEC we understand the challenge faced by small-medium healthcare practices. Our unique approach is tailored to your infrastructure and data requirements and our objective is rapidly raise the visibility and security posture of your practice.
Let us demonstrate to you how by contacting us on 1300 23 20 20 or info@pracsec.com.au for a free initial security health check.