It’s insidious, fast-spreading, preys on the vulnerable and can exact a huge toll on its victims. Cybercrime is indeed much like the coronavirus. And over the past two years, it has hit medical and healthcare companies—and their customers and patients—especially hard.
Cyberattacks have escalated across the healthcare industry during the pandemic, further destabilizing already stressed companies (and their customers/patients). Citing figures from the U.S. Department of Health and Human Services (HHS), the HIPAA Journal called 2021 “the worst ever year for healthcare data breaches,” with 686 breaches of 500 or more records having compromised almost 45 million healthcare records.
These attacks can be expensive. The average cost of a data breach for healthcare agencies, according to the non-profit Center for Internet Security, is $355 per stolen record, more than double the $158 average for non-healthcare victims. Noting that ransomware is emerging as cybercriminals’ weapon of choice, HHS detailed the healthcare industry’s escalating problem in a January 2022 report: “Ransomware attacks, data breaches and often both together continued to be prevalent attacks against the health sector,” the agency said. “Ransomware operators continued to evolve their techniques and weapons for increasing extortion pressure and maximizing their payday. Vulnerabilities in software and hardware platforms, some ubiquitous and some specific to healthcare, continued to keep the attack surface of healthcare organizations wide open.”
That “attack surface”— and healthcare organizations’ vulnerability to cyberattack—is growing amid an increase in remote work, remote patient services and treatments, and the resulting expansion of the network edge. In a survey of healthcare provider C-level executives , 79% said they now use telehealth and 55% are using video chat, for example; nearly 40% of their organizations are making cloud migration a priority (see Figure 1).
While there is no vaccine to inoculate healthcare companies against ransomware attacks and other cyber threats, there are highly effective security measures they can take now to better protect their network and data assets, and their customers.
1. Start by conducting a high-level review of your organization’s security policies and procedures to gauge how well they protect remote environments, then update them as necessary. This entails taking a deep, detailed inventory and assessment of all the current network solutions on which your organization depends, along with all the network security policies and procedures it has in place. Be sure to cover everything out to the network edge, including the medical machines deployed in patients’ homes, for example. Look for gaps like the open port in an HVAC system that led to the infamous Target breach in 2013.
To ensure this review hits the mark, many healthcare organizations opt to outsource it to a trusted third-party expert or technology partner. In our experience, a fresh, outside perspective can make all the difference in spotting vulnerabilities and identifying approaches that an internal review might otherwise overlook.
2. Document and socialize all your security processes, policies and procedures across the organization. Keep a detailed, up-to-date accounting of your security portfolio, and revisit it regularly to ensure it’s appropriate for your organization’s cyber risk profile. Also be sure to keep your workforce in the loop about security processes and protocols, and how (and why) to follow them.
3. Defuse the DDoS threat. Distributed denial of service (DDoS) attacks can paralyze a healthcare company’s network. A DDoS mitigation service helps to diminish the threat of a DDoS attack by redirecting traffic and using scrubbers to clean diverted traffic. This technique protects an organization from the massive traffic surges that can disable access to the network resources it needs to support employees and patients.
4. Let go of the legacy network in favor of a more secure modern framework. Relying on an aging, outmoded network infrastructure invites trouble, particularly as organizations move more key business functions and data to the cloud, and as demand for remote network access increases to support employees and patients. For businesses ranging from healthcare to retail, software-defined wide-area networking (SD-WAN) is emerging as the modern network framework of choice, for the integrated multilayered security, ease of management, scalability, reliable from-anywhere connectivity and cost-efficiency that it provides. Indeed, stronger security is among the most appealing aspects of SD-WAN, we found in our survey of C-level healthcare execs, 42% of whom named security as the most important factor in their organization choosing SD-WAN.
5. Step into SASE. There’s good reason that most conversations about network security these days eventually lead to SASE. Short for Secure Access Service Edge, SASE isn’t just a catchy buzzword, it’s a legitimate counter to the increasingly sophisticated and varied cyberattacks that are victimizing companies inside and outside the healthcare industry. SASE essentially is a fabric of network and security technologies that overlays SD-WAN. It interlaces components, including Firewall as a Service (FWaaS), Secure Web Gateways (SWG), Zero Trust Network Access (ZTNA) and Cloud Access Security Broker (CASB), to form a unified connectivity framework that is uniquely positioned to intercept, inspect, secure and optimize all traffic across a network.
Importantly in this era of remote working and remote patient services and care, SASE extends the edge of the private network, providing persistent connectivity and security wherever an organization’s users and resources are. It’s scalable, and it can be monitored and managed through a single portal, significantly improving administrators’ experience by providing a consistent and unified interface to monitor and manage both network and security investments. Another advantage with SASE is it accommodates phased-in implementation, so organizations can test the waters with one or two of the aforementioned technologies before committing to using all of them.
The healthcare industry’s rapid shift to digital technology, remote access and the cloud brings new vulnerabilities that organizations can choose to address with modest steps or major initiatives. As cyberattack victims will attest, either is better than meeting a hacker’s ransom demands, or swallowing the high cost of a remediation campaign.