Story image

The race to keep ahead of healthcare cyber threats

30 Jul 18

The healthcare industry is among the most preferred prey of cybercriminals. Whether they’re targeting sensitive health information to extract ransom from a medical provider, or for blackmail or identity theft purposes, hackers are becoming faster and more intelligent.

In the last two years, 50 percent of healthcare organisations have experienced a data breach. This is according to ServiceNow’s recent State of Vulnerability Response in Healthcare Report.

Look no further than the WannaCry ransomware attack in 2017, which locked up National Health System computers in the UK and demanded ransom. This caused appointments to be cancelled and surgeries delayed. We’re continuing to see healthcare organisations suffer massive breaches.

Earlier this month, the operator of Singapore’s largest group of healthcare institutions, SingHealth, was the victim of a major cyber-attack. Non-medical personal data of 1.5 million patients were accessed and copied, and in addition, outpatient medical data of 160,000 patients were compromised.

Closer to home, recent initiatives by the Australian government have put the security of Australia’s healthcare infrastructure under the microscope like never before. In April it was revealed that more than 60 breaches were reported in the first six weeks of the country’s Notifiable Data Breach scheme, with healthcare making up almost a quarter of the notifications.

Additionally, this past week has seen intense debate about the security of the government’s My Health Record, as we entered a three-month period during which people can opt out of doing so.

There’s no guarantee that you will never be breached. 58 percent of healthcare organistions surveyed by ServiceNow believe attackers are outpacing the current cyber security infrastructure of healthcare firms, and they also reported a 15 percent increase in cyber-attacks over the last year, with severity increasing by 22 percent.    

With digital records here to stay and hackers ramping up attacks, now is the time for healthcare organisations to bolster cybersecurity to keep sensitive data secure. Let’s take a look at best practices to do just that:

Review vulnerability response capabilities

ServiceNow’s research found that two key capabilities that help avoid a breach were detecting vulnerabilities and patching them in a timely manner. Organisations should assess maturity based on these factors: ability to identify problematic areas, such as cross-department coordination, lack of asset and application visibility, and inability to track the vulnerability lifecycle.

Organisations should score these areas by estimating the existing risk—for example, based on the delays they introduce into the vulnerability patching process.

Tackle low-hanging fruit first

Start with basic hygiene items that can be addressed quickly.  For example, if security teams don’t scan for vulnerabilities, they need to make it a top priority to acquire and deploy a vulnerability scanner. If they do scan, they need to make sure they are doing both external and internal scans, including authenticated scans. Prioritising vulnerabilities is also essential. By integrating threat intelligence, security teams can factor in whether a vulnerability has been weaponised or is part of an active campaign.

Break down data barriers between security and IT

Create a common view combining vulnerability and IT configuration data—ideally using a single platform. This lays the foundation for more advanced capabilities, such as prioritising vulnerabilities based on impacted business systems and routing vulnerabilities to the right IT system owners for patching.

Automate response processes

Repeatable vulnerability response processes increase accuracy—reducing risk and eliminating rework. Workflow and process automation adds to this by driving significant efficiencies, accelerating patching times and reducing staffing requirements. Pay attention to automated routing, status tracking, measurable SLAs, and automated escalations. Ensure that security teams and IT teams have a shared view of these processes, and create situational awareness by providing dashboards and heat maps.

By automating response processes, security teams can significantly reduce the risk of a breach. With a clear roadmap and the correct technology, better cyber hygiene is within reach of any healthcare organisation, offering hope for a more secure future.

Article by ServiceNow A/NZ managing director David Oakley.

McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill.