Navigating the complexities of healthcare cybersecurity

Future and its syndication partners may earn commission when you buy through links in our articles.

With cyber attacks increasing at an alarming rate, healthcare organizations are scrambling to implement effective measures to prevent these threats. Health care over the past four years, according to the U.S. Department of Health and Human Services. data violations increased by 239% and ransomware Attacks increased by 278%. IBM’s 2023 Cost of Data Breach Study found that more than 88 million people were affected by security breaches in 2023 alone, underscoring the urgent need for robust data breaches. cyber security amount.

Despite the clear and present danger, the healthcare industry continues to struggle to implement effective cybersecurity practices. Whether it was the Tricare data breach in 2011, the Shields Healthcare data breach in 2022, or most recently the data breach at United Healthcare, these high-profile attacks have resulted in significant disruptions, financial vulnerabilities, and loss of trust for patients whose personal information was accessed. Health is a critical part of daily life, so why have organizations been slow to adopt better solutions?

The answer may seem simple, but it is quite complex. Healthcare is a highly regulated industry with low operating margins. According to IBM’s 2023 Cost of Data Breach Study, the cost of a single breach is approximately $11 million. That’s why organizations are taking a methodical approach to implementing security frameworks by creating a dedicated Chief Information Security Officer (CISO), internal team, and consulting partner as the base layer. From there, careful patch management, mitigating software supply chain risks, antivirus solutions and ongoing employee training are included in the framework.

Basic steps for healthcare facility security

Even a special security With the team and framework in place, healthcare organizations face challenges due to strict regulatory compliance rules, sensitive nature of patient data, complex, interdependent provider ecosystem, cloud and AI technology adoption, and more. There are five obligations that organizations can undertake to reduce the risk of cyberattacks.

1. Locking the cloud

As more data is stored offsite, it is crucial that healthcare IT teams follow regulatory requirements in establishing a security control framework that outlines how data is sent to the cloud, the encryption format, and who can access it. During cloud service providers may provide security measures to keep data safe; It is important to integrate more controls. This can be done by automating security in Dev SecOps or controlling multi-cloud scenarios in case of a failure or attack. As HCA Healthcare discovered, physical security at the data center location is equally important. In 2023, a theft at an external storage location leaked more than 11 million records containing patient contact information and upcoming appointment dates.

Organizations should prioritize the creation of comprehensive data retention strategies and contingency plans. It is vital to conduct comprehensive security reviews of the architecture of public-facing applications deployed in the cloud. Resilient cloud-based solutions designed to quickly combat ransomware attacks and facilitate rapid restoration of normal operations protect both operations and patients’ interests.

2. Eliminating the risk of unpatched devices

A healthcare system consists of many devices, from laptops to MRIs to patient monitors. An IT team is responsible for protecting each of these. extreme points as well as various software programs for electronic medical records and insurance payment systems. This equates to thousands, if not millions, of entry points an attacker could target. Updating legacy systems and identifying aging vulnerabilities that have not been patched should be one of the first steps. To find and remediate these areas, teams can create a closed-ended management program prioritized by risk level.

When security applications and programs are not updated, catastrophic ransomware attacks occur, as seen in Change Healthcare in early 2024. According to testimony before Congress, the attack in which thousands of patient records were leaked was due to the lack of multi-factor authentication (MFA) on certain servers; this was a vulnerability that could be detected.

3. Stopping malicious insider threats

Implementing advanced security operations based on zero trust principles such as segmentation, identity and behavior will prevent threats from within the network.

It also proactively stops threats that exceed the defense’s initial limit. These threats can also arise in the form of partnerships with third-party vendors. The Department of Health and Human Services’ Healthcare Cybersecurity Coordination Center has alerted organizations to a vulnerability in the MOVEit file transfer program. This platform, where millions of records were exposed, was targeted by Russian cyber attackers in 2023. CISOs must ensure that each vendor has passed HIPAA audits and earned HITRUST certification before implementing any service.

4. Ensuring compliance with legislation

There are many regulations and compliance points that a healthcare organization must comply with regarding patient data. Since each country has different regulations, keeping up with them all is a difficult task. In addition, as new devices, software or digital transformation projects emerge, these will bring with them a new set of risks. Working with a healthcare consulting partner who can monitor risks and regulatory changes can help keep the security framework tight.

For example, Kaiser Permanente announced a data breach in April 2024 that affected more than 13 million Americans. While not considered a typical breach, patient data was shared with third-party advertisers due to incorrect tracking code that tracks website usage and navigation. Consulting partners can help CISOs better monitor and audit IT systems and help uncover these issues.

5. Adopting new technologies

GenAI is the latest technology that every organization is striving to incorporate into its technology stack. Previously, companies took their time to adopt new technologies, but the popularity of GenAI is leading to faster implementations without full consideration.

In the field of health, artificial intelligence Its use carries both risks and benefits. On the plus side, it enhances the cybersecurity framework by proactively monitoring and flagging issues. Repetitive tasks can be automated, allowing the CISO and security team to perform other tasks to strengthen the cybersecurity framework. However, it must be said that artificial intelligence also brings risks to an organization. Hackers are using AI to improve phishing scams, create more sophisticated attacks, and create deepfake threats. When choosing GenAI solutions, it is best to choose solutions that monitor quality and trust and are produced specifically for the healthcare industry.

Additionally, if an employee uses AI tools that are not approved by the security team, it exposes the organization to further risks. This shadow IT problem, often combined with poor employee compliance with IT governance control, layers on another threat surface that CISOs and the team struggle to detect. CISOs must create a culture of security among all employees. Organizations that invest in comprehensive security training platforms see significant value as employees become the first line of defense.

How did an organization prevent threats?

In the case of a leading oncology treatment technology provider, this company has implemented a cybersecurity framework using these basic steps to thwart attacks. This organization required the various radiation clinics to use their own proprietary systems. Rather than sending staff to each location, the provider used a cloud-based solution to protect against vulnerabilities throughout the software’s lifecycle. Using information from threat modeling and previous cyber risk assessments, the team understood where it was necessary to build a stronger security infrastructure.

The provider worked with partners to design and build a centralized treatment planning solution that includes a robust security testing framework that includes static testing and evaluations of third-party libraries. Data analytical determined how to assign threat severity levels and vulnerability mitigation paths. As a result, the oncology technology provider fixed more than 100 vulnerabilities, scanned 1.5 million lines of code, and detected and rejected more than 250 cybersecurity threats. Implementation of a security framework consisting of five key elements has successfully secured this infrastructure.

Security in the connected world

Technology has transformed healthcare. Gone are the days of paper records and notes. Everything is online, automated and unfortunately vulnerable to security risks. When healthcare CISOs, their teams, and consulting partners work together, a tighter security framework is put in place that reduces overall cybersecurity risk. Healthcare organizations can minimize their attack surface by taking these basic steps. Result: A healthcare facility that can provide the right treatment to patients in a timely manner, without any downtime or shutdown.

We introduced the best encryption software.

This article was produced as part of TechRadarPro’s Expert Insights channel, where we highlight the best and brightest minds in today’s tech industry. The views expressed here are those of the author and not necessarily those of TechRadarPro or Future plc. If you’d like to contribute, learn more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro