sb-au logo
Story image

How to effectively address security challenges in a digital healthcare world

23 May 2018

Businesses operating in the healthcare industry are increasingly going digital – and protecting themselves from cybercriminals should be a core part of their business.

According to Wavelink, criminals are often looking to steal sensitive information or make money through ransomware attacks, which is why it’s important for healthcare firms to maintain organisation-wide security that is both up-to-date and automated.

The 2017 Ponemon Cost of a Data Breach report says that healthcare is the most expensive industry for data breaches across the world – often costing 2.5 times the global average across industries.

According to Wavelink’s Hugo Hutchinson, healthcare need to be aware of their responsibilities about protecting patients’ privacy as well as protecting themselves against attacks.

He suggests a multi-layered approach that includes firewalls, cloud security, advanced threat protection, application security, access management, network operation centres, and security operation centres.

Often there can be a large number of people and devices that need to access healthcare firms’ networks. Employees, patients, and visitors are likely to use their own devices, while the organisation’s own devices also need to be managed.

Wavelink notes that it can be hard to keep track of who is being given access to what parts of the network.

“Best practice is to enforce access policies for all users and devices. This requires micro-segmentation of the network using internal network security firewalls so people can only get into the parts of the network that they’re authorised to access,” Hutchinson explains.

Wavelink adds that it’s essential to have strong security policies and processes, but these must not hinder the organisation from providing excellent patient care.

This means applications must perform at expected levels without being compromised by security measures such as slow packet processing, content inspection, or policy management processing.

The company also states that advanced threat protection can help to minimise the risk of a successful cyber attack. Sandboxing is able to create an isolated, secure environment to validate incoming threats. It could then share that threat information with the security community and disrupt zero-day threats.

“Threats are emerging and evolving too fast for manual processes to keep up. Organisations can’t expect to adequately fight the growing threats just by throwing more resources at them; automation is the only answer. It’s faster and less error-prone than humans, and it’s better at prioritising threats so organisations don’t spend time fighting every apparent threat,” Hutchinson says. “An automated system means security staff can work on minimising vulnerabilities and educating staff to help reduce the impact of human error on the organisation’s security.”

Story image
The SASE triangle: How a CASB protects managed apps
Enterprises that fail to adapt to the modern business world when it comes to security are likely to fall prey to data breaches and experience a host of other problems, writes Bitglass product marketing manager Will Houcheime.More
Story image
Proofpoint enhances security awareness training platform
Available in Q4 2020, the platform will integrate more closely with Proofpoint’s best-in-class threat intelligence.More
Story image
APAC organisations struggle to find balance between digital adoption and cybersecurity
Organisations in the Asia Pacific (APAC) region are significantly concerned about security threats, but nevertheless are looking to advance operations through digital adoption.More
Story image
Plugging the gaps: Australian organisations are leaving their defence barriers wide open
Cybercriminals are are walking through the gaping holes in Australia’s organisational defences – gaps that leadership teams don’t even realise are there.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More