Preventive security is the antidote to curb cyberattacks on healthcare organisations

Dick Bussiere, Technical Director APJ, Tenable

India’s ambitious push towards digital health infrastructure is promoting easy access to healthcare for millions of people within the country. Medical devices are now widely connected, offering medical teams unprecedented access to the data they need to make critical care decisions quickly and efficiently. Digital communication between patients, care providers, hospitals, ambulatory centres, and pharmacies reduces the likelihood of errors and supports the highest quality of care.

As each digital initiative makes medical services more accessible, it also carries its own set of cyber risks. Nearly 60 per cent of healthcare organisations in India encountered cyberattacks in 2023, according to a report (1) by the Data Security Council of India. The cost of healthcare-related cyber attacks is also increasing, with the average cost of 47 per cent of breaches being $5.3 million (2)

Healthcare organisations possess sensitive data, including confidential patient health information,  Such information carries a high monetary value, making healthcare providers attractive to threat actors. Healthcare organisations cannot afford downtime, as their information technology (IT), operational technology (OT), and Internet of Medical Things (IoMT) infrastructure plays a critical role in care delivery and patient safety. When a healthcare organisation experiences a cyberattack, its priority is to protect its data and keep its systems available.

Why are healthcare organisations a popular target? 

Legacy systems: Many healthcare organisations run critical care operations on unsupported legacy systems, making them more vulnerable to attacks. Providing access to sensitive health data, housed on decades-old systems, over insecure networks exposes the systems to threat actors. 

India’s digital health initiative has been nothing but revolutionary. At the same time, interconnected medical devices, and patients accessing their care portal from a smartphone are increasing the number of endpoints connecting to the IT infrastructure. Many of these endpoints are highly vulnerable, running outdated operating systems and interacting with other legacy systems.

Reactive security: Healthcare organisations are still mostly reactive (3) rather than proactive when it comes to identifying cyber risk. Over 40 per cent (4) of organisations do not have a response and recovery plan with medical device suppliers and third-party providers. This causes a slow reaction to fast-moving threats or delayed discovery of a threat that’s already in the network. IT and security leaders are aware of this, and 62 per cent (5) of them believe that they are only minimally cyber resilient. 

How can we fix these problems?

Delivering secure healthcare, everywhere 

Healthcare providers who deliver telehealth services often work remotely, requiring secure access to electronic medical records (EMRs) and other patient health information. Patients and care providers connect to telehealth services via a vast array of devices, presenting a need to secure this heterogeneity. However, the use of expensive, siloed security solutions drives complexity and results in inconsistent security assessments across care channels. Without seamlessly integrated solutions, it’s difficult to secure and monitor these distributed and loosely coupled systems.

A unified cybersecurity solution is the answer to this problem. It continuously monitors the distributed environment and enables a consistent security monitoring and enforcement model across all applications, devices, users, and data. Such a system simplifies the process of onboarding new systems and users and delivers secure and controlled interconnectivity between providers, medical centres, and remote clinics.

Securing medical devices 

Using connected devices dramatically increases the number of endpoints connected to IT infrastructure. Today, IoMT devices play a crucial role in patient care and it is essential to secure them at all times. However, many of these devices are inherently vulnerable, making them an attractive target for cybercriminals.

Connected devices are inherently difficult to secure, as some are managed by IT teams, while others are managed by third parties or not managed at all. The rapid deployment of IoMT is outpacing security. With distributed devices and distributed security monitoring, visibility becomes limited, increasing the difficulty of automating threat detection and response and increasing cyber risk. 

A unified platform approach to connected IoMT devices ensures endpoints are monitored passively, and with active querying, automating device discovery, visibility, security policy enforcement, and threat monitoring. It breaks down silos and leverages threat intelligence, helping organisations proactively go after threats and investigate suspicious behaviours.

Each step towards digitalising patient care must also be a step towards secure healthcare. It begins with consolidating security tools—for both IT and OT, that span across networks, on-prem, and the cloud.

As healthcare organisations unify and simplify the security stack, they can accelerate modernisation, maximising the value of data, which leads to improved patient outcomes and care efficiencies. The healthcare industry is at an inflexion point where security can make or break the business, and it’s time all eyes are focused on preventive measures that establish effective deterrence and drive secure operations across the board. 

 

References

  1. https://www.dsci.in/resource/content/india-cyber-threat-report-2023 
  2. https://www.pwc.in/assets/pdfs/digital-trust-insights-india/digital-trust-insights-india.pdf
  3. https://h-isac.org/partnered-report-healthcare-cybersecurity-benchmarking-study-2024/
  4. https://h-isac.org/partnered-report-healthcare-cybersecurity-benchmarking-study-2024/
  5. https://www3.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2024.pdf

 

cyberattacksData Security Council of India.healthcare-related cyber attacksInternet of Medical ThingsIoMT
Comments (0)
Add Comment