Story image

The race to keep ahead of healthcare cyber threats

30 Jul 18

The healthcare industry is among the most preferred prey of cybercriminals. Whether they’re targeting sensitive health information to extract ransom from a medical provider, or for blackmail or identity theft purposes, hackers are becoming faster and more intelligent.

In the last two years, 50 percent of healthcare organisations have experienced a data breach. This is according to ServiceNow’s recent State of Vulnerability Response in Healthcare Report.

Look no further than the WannaCry ransomware attack in 2017, which locked up National Health System computers in the UK and demanded ransom. This caused appointments to be cancelled and surgeries delayed. We’re continuing to see healthcare organisations suffer massive breaches.

Earlier this month, the operator of Singapore’s largest group of healthcare institutions, SingHealth, was the victim of a major cyber-attack. Non-medical personal data of 1.5 million patients were accessed and copied, and in addition, outpatient medical data of 160,000 patients were compromised.

Closer to home, recent initiatives by the Australian government have put the security of Australia’s healthcare infrastructure under the microscope like never before. In April it was revealed that more than 60 breaches were reported in the first six weeks of the country’s Notifiable Data Breach scheme, with healthcare making up almost a quarter of the notifications.

Additionally, this past week has seen intense debate about the security of the government’s My Health Record, as we entered a three-month period during which people can opt out of doing so.

There’s no guarantee that you will never be breached. 58 percent of healthcare organistions surveyed by ServiceNow believe attackers are outpacing the current cyber security infrastructure of healthcare firms, and they also reported a 15 percent increase in cyber-attacks over the last year, with severity increasing by 22 percent.    

With digital records here to stay and hackers ramping up attacks, now is the time for healthcare organisations to bolster cybersecurity to keep sensitive data secure. Let’s take a look at best practices to do just that:

Review vulnerability response capabilities

ServiceNow’s research found that two key capabilities that help avoid a breach were detecting vulnerabilities and patching them in a timely manner. Organisations should assess maturity based on these factors: ability to identify problematic areas, such as cross-department coordination, lack of asset and application visibility, and inability to track the vulnerability lifecycle.

Organisations should score these areas by estimating the existing risk—for example, based on the delays they introduce into the vulnerability patching process.

Tackle low-hanging fruit first

Start with basic hygiene items that can be addressed quickly.  For example, if security teams don’t scan for vulnerabilities, they need to make it a top priority to acquire and deploy a vulnerability scanner. If they do scan, they need to make sure they are doing both external and internal scans, including authenticated scans. Prioritising vulnerabilities is also essential. By integrating threat intelligence, security teams can factor in whether a vulnerability has been weaponised or is part of an active campaign.

Break down data barriers between security and IT

Create a common view combining vulnerability and IT configuration data—ideally using a single platform. This lays the foundation for more advanced capabilities, such as prioritising vulnerabilities based on impacted business systems and routing vulnerabilities to the right IT system owners for patching.

Automate response processes

Repeatable vulnerability response processes increase accuracy—reducing risk and eliminating rework. Workflow and process automation adds to this by driving significant efficiencies, accelerating patching times and reducing staffing requirements. Pay attention to automated routing, status tracking, measurable SLAs, and automated escalations. Ensure that security teams and IT teams have a shared view of these processes, and create situational awareness by providing dashboards and heat maps.

By automating response processes, security teams can significantly reduce the risk of a breach. With a clear roadmap and the correct technology, better cyber hygiene is within reach of any healthcare organisation, offering hope for a more secure future.

Article by ServiceNow A/NZ managing director David Oakley.

What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.