Cybersecurity’s role in patient care continuity
With all the high-profile cyberattacks hitting electrical infrastructure, manufacturing, and political entities, it’s easy to forget that healthcare is the number one targeted industry in the world. According to the 2021 Verizon Data Breach Investigations Report, there were 655 cybersecurity incidents in 2020 that impacted healthcare organizations globally. It’s gotten so bad that the FBI and the U.S. Department of Health and Human Services took the unprecedented step of issuing a joint alert warning that cybercriminals were taking new aim at healthcare providers and public health agencies.
Healthcare organizations are a tempting target for cybercriminals because they offer a treasure trove of personal information, present an easy target because of lagging cybersecurity maturity, and are in the midst of transformative change in how patient care is delivered. Today’s healthcare technology innovations have introduced connected network systems and wireless technologies capable of providing lifesaving functions, enhancing provider productivity, and improving affordability. Devices, both corporate issued and personal, are used within the confines of the network and at places with less secure Wi-Fi, such as homes and coffee shops.
This virtual health revolution is built on the back of cloud adoption.
The acceleration of telehealth and work-from-home models boomed across all types of healthcare organizations in 2020, allowing patients to continue to get the care they needed without putting their health further at risk from Covid-19 infection. Dispersed healthcare professionals needed access to sensitive patient data from managed and unmanaged devices. As endpoints proliferated, so did the security risks.
This increased exposure is scary. While typical security incidents may entail temporary operational disruption, penalties, and reputational damage—things that are repairable over time—protecting healthcare organizations from malicious activity can have life–death implications. A recent attack in the Czech Republic took a Covid-19 testing site offline just as cases were soaring, while a successful breach at a hospital network in New Zealand took down the organization’s paging system, forcing nurses to use personal mobile phone numbers to alert doctors when a patient suffered a cardiac arrest. In both cases, healthcare professionals were not able to deliver the level of care their patients needed—all because the digital healthcare solutions they relied on were infiltrated.
We need to do better as an industry.
Breaches and incidents continue to rise, and even healthcare organizations with the best detect-and-respond solutions continue to fall short. The problem is that new malware variants emerge daily, requiring IT teams to constantly patch and update attack signatures. And once the initial penetration is made, a lack of visibility into traffic inside the network allows threat actors to spread laterally to other systems and applications with impunity. Making matters worse, the acceleration of digital transformation as a result of Covid-19 restrictions massively expanded healthcare organizations’ attack surfaces and created major security gaps. All it takes is for one user to click on a single malicious link, and your network is exposed. Unfortunately, cybersecurity solutions are not keeping up with modern threats.
So, what can we do?
Given the recent architecture changes and move to work in the cloud, now is the time for healthcare organizations to turn the challenges uncovered by the pandemic into opportunities to improve patient care. Moving security closer to the user and delivering security services through the cloud allows healthcare organizations to proactively protect systems and data across the network at scale, including edge and Internet of Medical Things (IoMT), without slowing the user experience.
The key to achieving this goal is through Zero Trust powered by isolation. A Zero Trust approach assumes that all traffic—inbound and outbound—is inherently bad. Instead of making an allow-or-block decision at the point of click, healthcare organizations should be able to block known threats and isolate everything else. This fail-safe technique essentially cuts off access to users’ devices—preventing malware from getting a foothold in the network. And because it’s delivered through the ubiquitous cloud wherever users log in, isolation eliminates security gaps in the face of expanding threat surfaces.
It’s time for a new cybersecurity architecture.
Zero Trust requires a reimagined cloud-based network and security architecture through Secure Access Service Edge (SASE). Moving to SASE requires a phased approach, implemented in alignment with a healthcare organization’s specific business objectives. The way to do this in a cost-efficient, nondisruptive way is to first focus on eliminating attacks on users with an emphasis on where healthcare professionals spend the most time during their working day—in a web browser—through a combination of leveraging a secure web gateway (SWG), cloud access security broker (CASB), data loss prevention (DLP), and remote browser isolation (RBI). This integrated approach can provide a strong security foundation and the scalability required to begin a SASE transformation.
It’s time to stop ransomware, malware, and zero-day exploits. Download this new ebook to discover how healthcare organizations can prevent cybersecurity breaches today.
The post Cybersecurity’s role in patient care continuity appeared first on Menlo Security.