What are the greatest risks to healthcare organisations?
Healthcare is currently one of the most targeted sectors for cyber attacks. In recent years, the average cost of an attack has surpassed the $10M mark according to IBM Security’s annual Cost of a Data Breach Report. There are some significant cases of this being even higher, with the infamous WannaCry attack on the NHS in 2017 costing them nearly £100M.
Surveying the attack landscape for healthcare, what are the most pressing security concerns now? And how should providers go about combatting them?
Key threats include:
Ransomware attacks: Encryption of data with payment demanded in exchange for decryption. In healthcare, ransomware attacks can result in the loss of patient data or make it difficult for healthcare providers to access patient records, leading to disruptions in patient care and operations, leading to potentially dangerous outcomes for patients.
Data breaches: Healthcare data breaches can occur due to a variety of reasons, including insider threats, cyber attacks, and accidental disclosures. These breaches can expose sensitive data, including sensitive personally identifiable information, medical records and financial information.
Medical device vulnerabilities: Medical devices are largely now IOT devices, making them vulnerable to cyber attacks. A successful attack on a medical device can result in direct harm to patients due to the devices themselves not working as intended, but a successful attempt on a single networked device can also enable a threat actor to broaden their attack to other resources within the network.
Third-party vendor risks: Healthcare regularly relies on third-party vendors to provide services and solutions. These vendors may have access to sensitive patient data, making them a target for cyber attacks. If a vendor’s systems are compromised, it can result in the loss of patient data and further disruption to patient care.
What actions should healthcare organisations take to combat cyber threats?
Implement security controls: Healthcare organisations should implement security controls such as firewalls, antivirus software, intrusion detection, zero trust prevention systems, and encryption to protect their networks and data. This not only gives security leaders visibility of potential threat activity, but these services help to identify and isolate suspicious actions at source giving analysts time to understand the severity of the threat before taking decisive action.
Regularly update software and systems: Regular software updates and system patches assist in preventing vulnerabilities that threat actors will attempt to exploit. Applying zero trust solutions can also assist here when losing the battle against patching updates – organisations can prove a level of resilience to regulators and the like and help prevent breaches of unpatched or out of date applications.
Conduct regular cybersecurity training: Healthcare organisations should provide cyber security training to employees to educate them on best practices for protecting sensitive data, recognising phishing attack trends and reporting suspicious activity.
Conduct regular security assessments: A hacker-view of vulnerabilities within the infrastructure will always be of value in ensuring the most critical assets are sufficiently protected and provide enough obfuscation against typical attack approaches, giving organisations the assurance that the deployed layers of defence remain valid and effective.
How can Amicis help?
For more information on how Amicis can support you as a security leader in healthcare, including our work in both public and private sector healthcare organisations, please contact us via hello@amicisgroup.co.uk. For a free trial on how we help maintain compliance standards against key healthcare frameworks including HIPAA using our SecOps platform, please enquire here.