Industry experts share why healthcare is a target for cyber predators and how the industry can #BeCyberSmart’
Cybersecurity is a constantly evolving industry, as hackers and security professionals become sophisticated and continuously try to outsmart each other. National Cybersecurity Awareness Month is celebrated every October and is an initiative to put conscious efforts towards ensuring better cybersecurity hygiene and incorporate stronger security measures.
In 2021, Cybersecurity Awareness Month highlights the importance of cybersecurity education for all around the theme: Do your part. #BeCyberSmart. Industry experts share their insights around the evolving threat landscape and why healthcare sector is most vulnerable to cyberattacks and how the industry can bolster cyber defences.
“According to CrowdStrike’s Threat Hunting Report 2021, healthcare was one of the top five targeted verticals in the APJ region, with confidential information such as PII and PHI data from clinical trials and research often a target for adversaries. Pharmaceutical companies have intellectual property they need to secure relating to things like proprietary drug information or pharmaceutical research. This is also very attractive to adversaries because of the sell on value or potential to use for ransom demands as well as the opportunity to fast track drug research through theft of this information,” says Nitin Varma, Managing Director – India & SAARC, CrowdStrike.
He says, “To effectively mitigate cybersecurity risks, organisations need to focus their cybersecurity approach on prevention, detection and response. The following practices can help in endpoint and workload protection as well defend against the most sophisticated attacks.
• Create a hostile environment for adversaries: Making your environment as hostile as possible for adversaries is an important strategy so having multiple defence layers at endpoints goes some way to achieving this. It enables healthcare organisations to protect sensitive data such as patient medical records or scheduling systems, and other networks
• Use a VPN with Multifactor Authentication: Using VPN with multifactor authentication mitigates the exposure of the Remote Desktop Protocol and protects credentials that are often a way in for adversaries. This includes prioritizing patching for other vulnerabilities in VPN platform(s) and any underlying authentication applications
• Gain visibility into your network: Comprehensive visibility into the network, critical data and all endpoints is crucial to understanding an organization’s digital footprint and where weaknesses may lie. A preparedness plan can address any weaknesses identified in digital infrastructure. As an important link in the chain, employees should also be regularly trained on cybersecurity best practices
• Protect Emails and Patient Health Records: Phishing emails with malicious attachments are another tool that adversaries use to gain access to company systems and health records. As part of their mitigation strategy, healthcare leaders should incorporate email security software that uses URL filtering as well as attachment sandboxing
• Invest in Threat Hunting: Threat hunters are crucial in finding threats before they’re able to infiltrate a network. They effectively engage in cyber hand-to-hand combat with adversaries. For organizations who don’t have the funds nor size to facilitate their own threat hunting team, there are managed services available. In fact, we’re currently seeing a surge in the use of a managed detection and response (MDR) approach by pharma companies in India.
• Run Tabletop Exercises: Even the best solution in the world requires practice and preparation. Tabletop exercises with security teams, IR, legal, insurance and necessary people from ground to board level will ensure everyone knows where they need to be and what they need to do to save their business in the event of an attack.
Healthcare leaders should also add Endpoint Detection and Response (EDR) to their cyber strategy. EDR detects and mitigates cyber threats through continuous and comprehensive real-time visibility into a network’s endpoints. Behavioural analysis and intelligence is then applied to endpoint data to stop breaches when attempted.
With the right approach to vulnerability management, healthcare organizations can identify the most pressing security weaknesses in the environment and #BeCyberSmart by addressing them quickly to avoid attacks.”
Nitin Varma, Managing Director – India & SAARC, CrowdStrike
“The last 18 months have brought unprecedented challenges and opportunities for the healthcare sector – according to a recent report by Praxis Global Alliance, the online doctor consultation market is expected to be over $800 million by FY24, growing at 72% CAGR. But with the heightened demand for telehealth and virtual care, vaccination drives, and more devices on the network, there has never been a more critical time to address the cybersecurity strategy in the sector.
A hospital room is equipped with an average of 15-20 devices connected to the internet in today’s world of healthcare. The proliferation of medical and internet-connected devices in healthcare brings both clinical benefits and security risks. Just think of the volume of critical healthcare data being transferred and stored every day – data from IoT and connected medical devices, electronic health records (EHRs), and hospital applications for patients, clinicians, researchers, and administrators. #BeingCyberSmart should be a priority for the healthcare industry, as the financial costs associated with a healthcare organization’s failure to protect confidential patient data can be severe. And most importantly, a healthcare organization that has been the victim of cybercrimes may lose trust amongst their patients and partners,” says Vishak Raman, Director, Security Business, Cisco India and SAARC.
He says, “Healthcare providers need an integrated, unified, end-to-end security portfolio to help address privacy requirements, improve threat detection, and reduce management complexity, ultimately saving time and money and putting the emphasis on care delivery. Security is critical to us at Cisco. So we build it into everything we make. Cyber threats in healthcare come from everywhere: the network, medical devices, even employees. Cisco’s security solutions help increase visibility and stop threats in their tracks.”
Vishak Raman, Director, Security Business, Cisco India and SAARC
“While it has been more than a year since the pandemic struck, threat actors are still hell-bent on disrupting the networks of healthcare facilities. Since healthcare IT systems contain sensitive patient data, the sector has long been a target for hackers. Cybercriminals are drawn to healthcare networks because of widespread flaws that offer lucrative opportunities, which is why attacks are on the rise. Ransomware-as-a-service has become the norm in the cybercrime community in the healthcare industry this year,” says Akshat Jain, CTO & Co-founder, Cyware.
Despite the huge benefits telemedicine, digital health records, internet-connected medical devices, and patient wellness apps have brought to health care, cyber criminals are exploiting vulnerabilities in these digital health services on a daily basis. Healthcare institutions need to improve their cybersecurity game to avoid cybercrime risks and damages. Every healthcare stakeholder needs to #BeCyberSmart and build security into design, both for devices and platforms that healthcare institutions are using. Furthermore, healthcare organizations must start operationalizing threat intelligence to stay cognizant of threats lurking in their environment and take proactive mitigation actions through automated response systems before any adverse incident is experienced. Situational awareness combined with threat intelligence sharing are critical to ensuring digital security in the healthcare industry.”
Akshat Jain, CTO & Co-founder, Cyware
“Globally, ransomware attacks have been one of the biggest threats to cybersecurity, particularly in the healthcare sector. As per Sophos’ The State of Ransomware in Healthcare 2021 report – 34% of healthcare organizations were hit by ransomware in the last year. Hospitals and health systems are, quite unfortunately, ripe for ransomware and other cyberattacks. Some of the factors most responsible for the rise in healthcare-targeted cyberattacks are due to the nature of the industry itself, like decentralized operations across hospitals and healthcare providers, and exponentially growing volumes of patient health information being captured and stored electronically (i.e. electronic health records) by health systems, ” says Sunil Sharma, MD-sales, Sophos India & SAARC.
The sudden onset of the pandemic forced healthcare providers to very quickly set up emergency COVID-19 facilities, with little time to plan out robust IT security infrastructures to protect these facilities. Due to the lack of trained staff and poorly protected systems, attackers manage to find organizations’ biggest security gaps and they’ll continue to exploit these weaknesses, until a collective shift in mindset can be realized.
Healthcare providers need to invest in technologies like EDR with human-led threat hunting, deploying lightning-fast incident response, risk assessment so that they know what threats they face, understand the vulnerabilities and assess the likelihood of being attacked. And most importantly part of their cybersecurity plan must be to make sure all their staff are aware about the risks they can potentially face as well their responsibilities towards safeguarding their data. Education in this space is the need of the hour, and should be a part of every healthcare providers’ cybersecurity strategy.”
Sunil Sharma, MD-sales, Sophos India & SAARC
Cybercrimes are advancing at a rate which we can no longer afford to ignore. If everyone does their part by implementing stronger security practices, raising community awareness, educating vulnerable audiences, our interconnected world will be safer and more resilient for everyone.