Keith Glancey, systems engineering manager at Infoblox, explains how being proactive and ramping up approaches to cybersecurity, is the best approach.
The COVID-19 pandemic changed the delivery of healthcare at a global level. It also changed the digital infrastructure that supports it.
The mass adoption of new technologies and services, such as telehealth, paired with the shift to home working, meant that healthcare organisations were forced to engage with more cloud resources than ever before. Whilst this shift was necessary in order to continue to deliver lifesaving services and treatment, it also exposed serious vulnerabilities in the handling and processing of healthcare data.
As cloud technology has become prolific, it has also become a prime target for cyber criminals looking to exploit healthcare data. This is something that is set to continue, with recent research from Infoblox discovering that healthcare professionals expect cloud vulnerabilities and misconfigurations, IoT attacks and attacks to manipulate data and statistics to be the top cyberthreats they will have to confront in the next 12 months.
In order to avoid the potentially devastating data breaches and ransomware attacks of tomorrow, healthcare organisations need to act today. Failure to adopt a proactive approach to cyber security could be costly, both in terms of financial repercussions and in terms of human life.
Protecting one of healthcare’s most valuable assets
Healthcare organisations around the world depend upon Protected Health Information (PHI) to treat their patients. As well as personal details – such as address, date of birth and contact information – PHI also includes medical histories, previous test results and even insurance information. It helps providers to determine the best course of treatment to effectively care for their patients.
However, PHI is also highly prized by attackers and looms increasingly at large in the pantheon of data at risk. This is because it is very profitable and provides multiple types of monetisable assets, such as financial data, personal data and data that can be used for ransom attacks. To put it into perspective, credit reporting agency Experian puts the value of a healthcare data record at $1,000 on the dark web, compared to a credit card number’s value of $5.
Attacks that target PHI and other healthcare data can be extremely costly. Infoblox’s 2021 Healthcare Cybertrend Research Report discovered that worldwide data breaches alone cost more than $2 million for almost half (43%) of all healthcare organisations that experienced them. Included within this figure is the cost of remediation as well as the significant operational disruptions that were mentioned as the greatest consequence of a cyberattack for around half of all respondents.
On top of this, regulatory penalties for failing to protect patient data can be significant. In fact, the largest fine ever served to an NHS Trust by the Information Commissioners Office was around £325,000, after hospital hard drives containing PHI were sold on eBay. Whilst this event was caused by human error, the consequences of falling victim to a successful data breach or ransomware attack can be just as severe.
With our new cloud-centric environment expanding the attack surface even further, healthcare organisations need to shore up defences and strengthen their infrastructure to ensure that they do not fall victim to new attacks from bad actors.
Taking a proactive approach
When boiled down, protecting healthcare data is just like protecting any other type of data. Foundational security – such as that provided by secure DDI (DNS, DHCP and IPAM) solutions – is usually the best place to start. This type of technology can plug the gaps that other tools miss and ensure that network security is extended from the core to the edge.
This is because DDI helps to augment visibility into network activities and increase control. It grants visibility into networking activities, no matter where devices might be connected from. This is particularly useful when you take into consideration just how many devices are used in a medical setting – from employee laptops to implanted medical devices such as pacemakers and telemetry systems to report patient information.
For healthcare organisations, DDI can help to pinpoint threats at the earliest stages, identifying compromised machines and correlating disparate events related to the same device. 90% of malware touches DNS - the first D in DDI - when entering or leaving the network, making it a critical detection tool that, when connected to the security stack, can enable stronger threat remediation. Ultimately, DDI enables the IT teams operating within healthcare organisations to quickly detect and fix any vulnerabilities, no matter where they originate.
With PHI becoming an increasingly profitable target for cyber criminals, it’s never been more important for healthcare organisations to step up their game when it comes to cybersecurity. The global shift to cloud services has revealed some serious vulnerabilities that cannot be ignored. Moving forward, a proactive approach to cybersecurity – which incorporates modern technologies like DDI – is key in order to protect healthcare data, avoid financial loss and, ultimately, save lives.
