
Published on January 27th, 2023


High Awareness, Low Preparedness — The State Of Cybersecurity In Healthcare 



Adopting a Zero Trust approach should be a top priority for healthcare providers going into 2023. With these renewed security frameworks in place, both healthcare service providers and patients will be able to breathe a collective, much-needed sigh of relief.

The pandemic proved to be a challenging period for global healthcare providers, not only in terms of the vast number of patients they had to care for but also the countless cybersecurity attacks to which they were subjected. Unit 42, the threat intelligence group at Palo Alto Networks, found that healthcare was the most targeted vertical for ransomware at the peak of the pandemic. And now, just as the dust settled on this, we have witnessed multiple high-profile cyberattacks on prominent medical institutes across India. Yet again, the importance of securing medical infrastructure has been highlighted in the nation’s collective conscience, and rightly so.

The healthcare industry exhibits anomalous behaviour when it comes to cybersecurity. Despite a high level of awareness about its importance, there is a surprisingly low level of preparedness to deal with attacks of any substantial scale. This was best exemplified when about three-quarters of the 200,000 infusion pumps examined by Unit 42 had known security vulnerabilities that attackers could target.

This was despite the existence of vast pools of knowledge on how to secure devices against these specific threat vectors. This is particularly worrisome for life-critical devices as they hold extremely sensitive patient data — on both health and identity — that is valuable to bad actors for multiple reasons. Considering their life-critical nature, patching these devices to mitigate known or unknown vulnerabilities is rarely an option. This also extends to non-critical medical devices, as their usable life can far exceed their supported life.

What’s more, the boundaries of healthcare institutes today go beyond the traditional hospital perimeter to ambulatory sites and patient-centred medical homes (PCMH). This new environment increases the attack surface and makes it logistically tougher to orchestrate and deploy robust security measures efficiently. As the healthcare sector does not merely deal with confidential data but often has lives at stake, it can fall victim to nation-state attackers whose motives may be far more macabre than those of the average ransomware actor.

Unit 42's 2020 IoT Ransomware Threat Report states that IoT and OT devices make up more than 30% of corporate networks, that 98% of these see unencrypted traffic, and that more than half of them are vulnerable to medium- or high-severity attacks. Given these findings, it is clear that the stage for cyber attackers is set. If these risks were not enough on their own, considering them in tandem with the countless benefits of a secure healthcare stack makes taking the time to ensure robust healthcare security a no-brainer.

When dealing with high-profile cyberattacks on medical infrastructure, it is important to recognize that such attacks take advantage of the need to keep these systems up and running continuously. Apart from medical hardware devices, software that deals with sensitive information, such as Electronic Medical Records (EMR) and Picture Archiving & Communication Systems (PACS), is also required to be operational 24/7.





As such, securing the healthcare cybersecurity stack requires great attention to detail, as even the smallest vulnerability is enough to invite a great deal of damage. Ensuring the proper safety of these systems going forward involves a comprehensive Zero Trust approach: a cybersecurity strategy that protects a healthcare organisation by eliminating implicit trust and continuously validating every stage of digital interaction. The Zero Trust framework focuses on resource protection and the premise that trust is never granted implicitly. Rather, it must be continually evaluated.

A Zero Trust framework will lead to a more secure network that would ensure the following:

  • Increased visibility across the network: The lack of visibility into the IoT and connected medical device estate means CXOs are unable to understand the true extent of their risk exposure and take action to secure their networks. Solutions that use a “signature-based” approach to identify devices are static and unable to provide users with scalable and accurate visibility. This approach often fails because it cannot identify new or unknown devices if the signature is not built in to begin with. Here, it is important to implement solutions that provide automated recommendations for security policies for all connected devices. These must be based on the principle of least-privilege access and must not in any way hamper ongoing security operations.
  • Contextual segmentation: Flat and unsegmented networks give connected devices unrestricted network access regardless of function or risk profile. In fact, Unit 42 found that as many as 72 percent of healthcare VLANs have a mix of IT and IoT devices, allowing malware to spread from user devices to vulnerable IoT devices on the same network. Setting contextual policies to segment devices on the network, thereby preventing lateral movement of threat vectors, is paramount to deal with zero-day threats. Solutions must leverage machine learning and behaviour profiling to fine-tune their policy recommendations further.
  • Advanced threat protection: The frequency at which medical institutes are being compromised makes it imperative to deploy solutions that proactively prevent known and unknown threats from entering the network, thus reducing the downstream burden of reactive detection and mitigation. Advanced threats require advanced solutions. As such, real-time cloud-based security services are ideal for dealing with these rapidly evolving threat vectors. Leveraging crowdsourced data to detect and analyse anomalous behaviour while retaining contextual details such as manufacturer disclosures (MDS2) is key in this regard.
  • Automated and accessible workflows: Doing away with medical and IoT device blind spots by deploying solutions that seamlessly integrate with existing IT and security infrastructure can help change-averse users make the jump to more robust solutions. Oftentimes, IT teams within healthcare institutes have very different use cases compared to BIOMED teams, and this can require separate dashboards with separate functions. Having this segregation can help give more tailored insights to healthcare institutes and help them meet compliance needs.
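
The contextual-segmentation point above can be checked against a device inventory. The following is an added example, not code from the article or from Palo Alto Networks: it finds VLANs that mix IT and IoT devices and proposes a target segment for each affected IoT device. The inventory, device names and segment names are constructed and hypothetical.

```python
from collections import defaultdict

# Constructed sample inventory: (device, vlan, device_class, vendor_supported)
INVENTORY = [
    ("ws-reception-01", 10, "IT", True),
    ("ws-nurse-02", 10, "IT", True),
    ("infusion-pump-a", 10, "IoT", False),   # past its supported life
    ("infusion-pump-b", 20, "IoT", True),
    ("patient-monitor-c", 20, "IoT", True),
    ("pacs-server", 30, "IT", True),
    ("mri-console", 30, "IoT", True),
    ("emr-db", 40, "IT", True),
]


def audit_vlans(inventory):
    """Return ({vlan: [IoT devices]} for VLANs mixing IT and IoT, % of VLANs mixed)."""
    by_vlan = defaultdict(list)
    for name, vlan, dev_class, _supported in inventory:
        by_vlan[vlan].append((name, dev_class))
    mixed = {}
    for vlan, devices in by_vlan.items():
        classes = {dev_class for _, dev_class in devices}
        if {"IT", "IoT"} <= classes:
            mixed[vlan] = sorted(n for n, c in devices if c == "IoT")
    share = 100.0 * len(mixed) / len(by_vlan) if by_vlan else 0.0
    return mixed, share


def propose_segments(inventory, mixed):
    """Suggest a segment for each IoT device that shares a VLAN with IT devices.

    Devices the vendor no longer supports cannot be patched, so they are
    assigned to the most restrictive (hypothetical) segment.
    """
    plan = {}
    for name, vlan, dev_class, supported in inventory:
        if vlan in mixed and dev_class == "IoT":
            plan[name] = "iot-clinical" if supported else "iot-legacy-isolated"
    return plan


if __name__ == "__main__":
    mixed, share = audit_vlans(INVENTORY)
    print(f"{share:.0f}% of VLANs mix IT and IoT devices: {mixed}")
    for device, segment in propose_segments(INVENTORY, mixed).items():
        print(f"move {device} -> {segment}")
```
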
In 2023, healthcare providers will continue to be high-value targets for cyberattacks. This will be further compounded by the increasing ubiquity of novel healthcare technologies like remote diagnosis and virtual healthcare and extraneous factors such as the accelerated adoption of 5G connectivity and the increased emphasis on data sovereignty. As such, securing medical IoT devices as we move into the new year will be absolutely critical. Despite it being hard to find anybody who would readily debate the immense importance of securing the healthcare sector, medical institutes have a long way to go when it comes to efficiently implementing these robust frameworks.

Adopting a Zero Trust approach should be a top priority for healthcare providers going into 2023. With these renewed security frameworks in place, both healthcare service providers and patients will be able to breathe a collective, much-needed sigh of relief.

— The author is Senior Vice President and GM at Palo Alto Networks. Views expressed herein are his own.

     
