Story image

The race to keep ahead of healthcare cyber threats

30 Jul 2018

The healthcare industry is among the most preferred prey of cybercriminals. Whether they’re targeting sensitive health information to extract ransom from a medical provider, or for blackmail or identity theft purposes, hackers are becoming faster and more intelligent.

In the last two years, 50 percent of healthcare organisations have experienced a data breach. This is according to ServiceNow’s recent State of Vulnerability Response in Healthcare Report.

Look no further than the WannaCry ransomware attack in 2017, which locked up National Health System computers in the UK and demanded ransom. This caused appointments to be cancelled and surgeries delayed. We’re continuing to see healthcare organisations suffer massive breaches.

Earlier this month, the operator of Singapore’s largest group of healthcare institutions, SingHealth, was the victim of a major cyber-attack. Non-medical personal data of 1.5 million patients were accessed and copied, and in addition, outpatient medical data of 160,000 patients were compromised.

Closer to home, recent initiatives by the Australian government have put the security of Australia’s healthcare infrastructure under the microscope like never before. In April it was revealed that more than 60 breaches were reported in the first six weeks of the country’s Notifiable Data Breach scheme, with healthcare making up almost a quarter of the notifications.

Additionally, this past week has seen intense debate about the security of the government’s My Health Record, as we entered a three-month period during which people can opt out of doing so.

There’s no guarantee that you will never be breached. 58 percent of healthcare organistions surveyed by ServiceNow believe attackers are outpacing the current cyber security infrastructure of healthcare firms, and they also reported a 15 percent increase in cyber-attacks over the last year, with severity increasing by 22 percent.    

With digital records here to stay and hackers ramping up attacks, now is the time for healthcare organisations to bolster cybersecurity to keep sensitive data secure. Let’s take a look at best practices to do just that:

Review vulnerability response capabilities

ServiceNow’s research found that two key capabilities that help avoid a breach were detecting vulnerabilities and patching them in a timely manner. Organisations should assess maturity based on these factors: ability to identify problematic areas, such as cross-department coordination, lack of asset and application visibility, and inability to track the vulnerability lifecycle.

Organisations should score these areas by estimating the existing risk—for example, based on the delays they introduce into the vulnerability patching process.

Tackle low-hanging fruit first

Start with basic hygiene items that can be addressed quickly.  For example, if security teams don’t scan for vulnerabilities, they need to make it a top priority to acquire and deploy a vulnerability scanner. If they do scan, they need to make sure they are doing both external and internal scans, including authenticated scans. Prioritising vulnerabilities is also essential. By integrating threat intelligence, security teams can factor in whether a vulnerability has been weaponised or is part of an active campaign.

Break down data barriers between security and IT

Create a common view combining vulnerability and IT configuration data—ideally using a single platform. This lays the foundation for more advanced capabilities, such as prioritising vulnerabilities based on impacted business systems and routing vulnerabilities to the right IT system owners for patching.

Automate response processes

Repeatable vulnerability response processes increase accuracy—reducing risk and eliminating rework. Workflow and process automation adds to this by driving significant efficiencies, accelerating patching times and reducing staffing requirements. Pay attention to automated routing, status tracking, measurable SLAs, and automated escalations. Ensure that security teams and IT teams have a shared view of these processes, and create situational awareness by providing dashboards and heat maps.

By automating response processes, security teams can significantly reduce the risk of a breach. With a clear roadmap and the correct technology, better cyber hygiene is within reach of any healthcare organisation, offering hope for a more secure future.

Article by ServiceNow A/NZ managing director David Oakley.

ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.