Emerging technologies are advancing at pace, digital economies are developing around the world, making cyber security a top concern for governments, businesses and individuals alike.
Cyber criminals prey on industries that handle sensitive and valuable data as a lucrative target for attacks. The healthcare sector is a prime example, storing masses of information on individuals, from personal details to diagnoses and health information.
“The recent attack on HCA Healthcare highlights that the sector must remain vigilant,” says Achi Lewis, Area VP EMEA for Absolute Software. “The attack left the data of any past or present patients at risk, amounting to roughly 11mn people. While reports suggest that no clinical information, payment information or sensitive information was stolen, every data breach should be treated with critical concern and as a reminder that cyber resiliency is needed.”
Exclusively in Healthcare Digital, Lewis discusses cyber resiliency in the healthcare sector.
The complex healthcare ecosystem
It is not just patients who are at risk, but businesses as they face potential monetary loss if criminals demand ransom payments, or reputational damage when the public become aware of an attack.
“Attacks can cause mass disruption for everyone involved, meaning organisations should focus on revising their approach to ensure the most robust, resilient security strategies are implemented,” says Lewis. “The healthcare sector not only holds a large amount of public information but as they undergo digital transformations, relying more heavily on technology and data to improve operations, relieve stress from medical professionals and provide patients with top class services, the threat increases.”
The nature of a healthcare professionals job involves the constant accessing of patients’ files and information continuously being shared with other departments or relevant bodies meaning assessing who can access what, and when, is not a straight-forward task. With this increase in digital tools added to the mix, the problem becomes even more complex.
“Technology is helping health and care professionals communicate better and provide patients with access to the care they need, more efficiently,” says Lewis. “For example, devices and apps now exist that can support remote monitoring for patients, such as wearable arms gadgets that send information automatically to a mobile app to allow diabetes patients to keep track of their glucose levels.”
Additionally, AI is increasingly being used to analyse large quantities of complex information for purposes such as speeding up the detection of diseases.
“For this to be done effectively, large amounts of data must be stored and accessible, acting as an attractive opportunity to cyber criminals,” adds Lewis. “For the healthcare sector to maximise the benefits of technology while minimising the worry of breaching regulations or putting data at risk, stringent cyber protections must be considered and implemented to protect both patient and organisation.”
Businesses must ensure high-quality security hygiene around their endpoints, continues Lewis. With the increase in devices used within the healthcare sector, the job of monitoring them all has become far more difficult and knowing exactly where devices are and keeping them up to date must become a priority.
“Complexity around devices, OS versions and combinations of apps on the multitude of devices can also act as a key issue when it comes to addressing the prevailing cyber threat. Because of this, having knowledge of who is accessing data must also be paramount. This means visibility across all endpoints, which is often a second thought for organisations. Routinely monitoring access and building systems that continuously authenticate in the background will ensure that the correct person is obtaining information and this is what security should be built around.”
If it is then flagged that an unauthorised person has gained access and data has become compromised, security procedures must be in place to react and protect the data.
“Technology now exists that can monitor device and application behaviour and react to unexpected circumstances to keep devices secure and valuable data safe.”
Resilient zero-trust in healthcare
According to Lewis, visibility, control and self-healing capabilities across endpoints should now be the priority for all healthcare organisations who wish to protect themselves and their patients’ data.
“Due to the complex landscape that exists within the industry, zero risk will almost never be achievable. Ensuring a plan is in place, as well as maintaining a constant analysis of what is happening across endpoints to ensure risks are minimised, should be the goal,” he says.
It is vital to invest in technology that provides visibility and insights with the ability to track devices, monitor applications and their health while constantly assessing the risk that devices are exposed to.
“When devices become compromised, self-healing technology can automatically lock devices, shut them off to users and push updates and repair or reinstall critical controls if required,” Lewis adds. “This can be done without the need for human interaction, providing a more efficient and instant reaction to threats and minimising the chance of a successful breach.”
The healthcare sector faces an increased cyber threat, meaning a revised approach to security is now required. As the digital world develops, so must cyber strategies and technologies in order to protect patient data and prevent organisational disruption and damaged reputations.
Other magazines that may be of interest - Manufacturing Magazine.
BizClik is a global provider of B2B digital media platforms that cover 'Executive Communities' for CEO's, CFO's, CMO's, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.
BizClik, based in London, Dubai & New York offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.