Healthcare’s Unique Cyber Risk Management Challenges

The healthcare industry has experienced an onslaught of cyber-attacks over the last year, primarily driven by the fact that patient records are highly prized assets among cyber criminals.

Protected health information sells for 30 times more than financial information on the dark web, since it contains a full identity profile including social security numbers. Being in the cross hairs of motivated cyber gangs is forcing the healthcare industry to address some stiff cyber risk management challenges. Let’s look at what steps the industry can take to reduce the likelihood of data breaches.

According to data provided by the United States Department of Health and Human Services, Office of Civil Rights (HHS OCR), the number of data breaches in the healthcare sector increased by 63 percent in 2016. In addition, the survey exposed two new trends: the acceleration of medical device hijacking and an increase of ransomware attacks.

In the case of medical device hijacking, cyber-attackers are exploiting backdoors in hardware devices such as X-ray machines and life-support equipment to plant malware. Once installed, it can be used to move laterally across the network to access and exfiltrate health information. 

While medical device hijacking requires sophistication, ransomware attacks are easier to conduct and show immediate return on investment. That’s why the industry has seen a wave of these attacks. The criticality of operations makes healthcare providers an easy target. Since lives are often at stake, it is essential for healthcare providers to ensure business continuity. The recent WannaCry ransomware attack had devastating impacts on the United Kingdom’s National Health Service, illustrating the severity of cyber security threats in the healthcare industry. 

Unique Challenges

Traditionally, healthcare providers’ mission is to save lives. As a result, IT security departments are typically not a top priority when it comes to budget dollars and are often chronically understaffed. This explains why many healthcare IT environments are outdated and consequently woefully unprepared to deal with these new types of cyber-attacks.

Another contributing factor is that many medical systems use older operating systems and proprietary software. Thus, they are often not being actively patched or are exposed by lengthy patch release cycles, making them a welcome target for cyber criminals.

To complicate matters, the increased digitalization and exchange of healthcare information between service providers have dramatically broadened the industry’s attack surface. This is placing healthcare providers in an even more defensive position. The Internet of Things, which is targeting the healthcare market as one of its prime beneficiaries, will only make things harder. At the same time, healthcare organizations face strict standards and regulations (e.g., HIPAA, HITECH, HIMSS) relative to privacy and security.

Improving the Odds

The increased focus of cyber criminals on the healthcare industry makes it critical for providers to implement up-to-date security measures and prepare incident response plans to assure business continuity. The following best practices provide a solid foundation for reducing the threat of falling victim to cyber-attacks:

• Drive cultural change in the organization to incorporate security practices into day-to-day operations and secure the financial resources required to implement them.

• Frequently train employees to minimize the risk of phishing attacks and social engineering.

• Adopt basic safeguards such as data back-up, anti-malware tools, firewalls, and data encryption.

• Include IT security staff members in the buying decision process for medical systems and devices in order to raise transparency and awareness, and negotiate proper patch release cycle policies with suppliers.

• Increase the frequency of vulnerability scans to gather more timely security intelligence, which can help detect security gaps and control failures and verify whether remediation actions were effective.

• Supplement vulnerability assessments with penetration testing to determine whether a specific vulnerability is actually exploitable.

By implementing these measures, while correlating and contextualizing external threat data with internal security intelligence and business criticality, healthcare organizations can operationalize their cyber security practices to shorten time-to-detection and ultimately, time-to-remediation of cyber threats. 

Written By

Dr. Torsten George is an internationally recognized IT security expert, author, and speaker with nearly 30 years of experience in the global IT security community. He regularly provides commentary and publishes articles on data breaches, insider threats, compliance frameworks, and IT security best practices. He is also the co-author of the Zero Trust Privilege for Dummies book. Torsten has held executive level positions with Absolute Software, Centrify (now Delinea), RiskSense (acquired by Ivanti), RiskVision (acquired by Resolver, Inc.), ActivIdentity (acquired by HID® Global), Digital Link, and Everdream Corporation (acquired by Dell).
