Health IT, Hospitals, MedCity Influencers, Health Tech

Protecting hospitals from evolving cyber threats

Prevention and cyber resiliency—an organization’s ability to bounce back and operate in the event of a cyber attack—have become all the more important as cyber threats have increased during the pandemic.

In parts one and two of this series, we focused on the challenges and solutions to help hospitals and healthcare systems improve asset management and medical device security. In the final installment, we will cover why asset management alone is not enough.

In the evolving threat landscape facing hospitals and healthcare systems today, asset management—the process of creating an inventory of the devices connected to a network—is critical to identifying potential threats. With thousands of IoT and connected OT devices on a hospital’s network, and thousands more being connected every year, this has become increasingly difficult, but there are steps a hospital can take to improve asset management and visibility across the network.

However, with ransomware attacks on hospitals increasing 123% in 2020 and continuing to plague hospitals and healthcare systems throughout 2021, asset management alone is not enough to stop cybercriminals. Try as we might to keep hackers at bay, cybersecurity preparation and resiliency—not just prevention and threat detection—have become crucial components of a hospital’s cybersecurity strategy to ensure they can continue providing care in the event of an attack. If prevention is no longer enough, what does a robust cybersecurity program look like for hospitals, and how can you prepare?

Cyber resiliency—not just cybersecurity

A new buzz word has emerged in the cybersecurity space over the last several years: cyber resilience. This refers to an organization’s ability to bounce back and even continue to operate in the event of a cyber attack. With new and increasing cyber threats throughout the Covid-19 pandemic, resiliency—and not just prevention—has become all the more important.

With limited funds and resources to address cybersecurity threats, many hospitals and healthcare systems are not yet truly cyber resilient. Cybersecurity providers—including Cynerio—are partially at fault for placing too much emphasis on asset management without ensuring hospitals have the tools they need to mitigate attacks and continue patient care in the event of an attack. This can come with damaging or even deadly consequences in the event of a ransomware or other attack, with a recent Ponemon Institute report finding that ransomware can lead to increased mortality in healthcare environments.

Unfortunately, this has already become a reality for one hospital. Alabama-based Springhill Medical Center made headlines last year for a 2019 cyber attack that left healthcare providers without access to critical medical equipment and records. Without tools and resources, healthcare providers missed a newborn in distress, ultimately resulting in the infant’s death nine months later.

Preparing for a cyber attack

In light of these recent events, there are several steps and strategies hospitals can adopt to improve their cyber resiliency.

  1. Cybersecurity training: How do cybercriminals get into a hospital’s network? Often, through employees. Maybe they click a suspicious link or download a malicious file from an email, or they bring an unsecured device and connect to your hospital’s network. Education is key to helping employees recognize signs and practices that could leave your hospital vulnerable to cyber attack.
  2. Zero trust security: Zero trust is exactly what it sounds like—it is a cybersecurity model that eliminates trust by restricting access to an organization’s network and the devices contained on it. Rather than allowing anyone, or any device, to automatically join your network, hospitals should require strict identity verification for all users and devices.
  3. Network segmentation: Network segmentation divides a network into multiple parts, with each segment acting as an isolated sliver of the network. More segments mean a more secure network, since they make traversing the network without authorization much more difficult for adversaries. Network segmentation can address the vast majority of critical device risks, yet most hospitals still operate on a flat network, allowing cybercriminals free rein to access critical data and resources once they’ve entered the network.
  4. Prepare for the worst: Even with the above steps, there is always a chance that cybercriminals will find a way into your hospital’s network to carry out an attack. This is why preparation is key. Just as you would carry out a fire drill to ensure staff are prepared in the event of a fire, you must make sure that all staff—both in and outside of the IT department—are aware of the steps to take in the event of an attack. As in the case of Springhill Medical, it is also important to ensure healthcare providers are either properly trained to continue providing quality care offline, or that a device remediation solution is in place to ensure devices can continue operating safely while under attack.

Prevention strategies, such as asset management, are still necessary for protection against cyber threats. But asset management alone is no longer enough to secure hospital networks. Cyber resiliency provides an added layer of protection to ensure operations can continue, patients remain safe and healthcare providers have the tools they need in the event of a cyber attack.

Moving forward, cybersecurity providers need to place a greater emphasis on cyber resiliency, providing hospitals with solutions to remediate and mitigate in the event of an attack. After all, with visibility alone, all hospitals can do is watch as an attack happens, when we need to give them the tools to fight back. In the new world of cyber threats, it could be the difference between life or death.

Photo: traffic analyzer, Getty Images


Avatar photo
Avatar photo

Leon Lerman

Leon Lerman is the co-founder and CEO of Cynerio, Inc., a full-suite Healthcare IoT platform that enables healthcare providers to secure patient data and connected devices against cyber threats. He has over 15 years of experience in innovative technology development, served in Israel's elite Unit 8200 cyber technology division, has served as a trusted security advisor to Fortune 500 companies, and has earned international recognition for excellence in the cybersecurity industry.

This post appears through the MedCity Influencers program. Anyone can publish their perspective on business and innovation in healthcare on MedCity News through MedCity Influencers. Click here to find out how.

Shares0
Shares0