How to fight cyberattacks in the healthcare sector

To date, the record for the fastest vaccine developed was held by the mumps vaccine. The time it took? Four long years. On the other hand, as of early September 2020, there were 34 vaccine candidates for Covid-19 being tested in humans, according to the World Health Organization (WHO); a mere ten months since the pandemic began. This record development has been possible with the active and aggressive use of technology and A.I., which aided scientists in key steps of vaccine design.

A.I. was a catalyst and thankfully, we finally have vaccines against SARS-Cov2. Just how the vaccine is a by-product of humans interacting efficiently with technology, various other advanced technology is being used in centers of health to render top-notch care to patients. However, cybercriminals are looking to disrupt the very technology that was created to heal. They are stealing and manipulating data or directly handicapping the Provider. For instance, in Dusseldorf, Germany, a critically ill patient died because the closest hospital was unable to admit her as a consequence of a cyberattack that crippled their Hospital Information System.

The past year was extraordinarily tumultuous for the healthcare industry—not only as a result of the pandemic but also because of the repeated cyberattacks on various clinics, centers and hospitals, insurance companies, and others. While hacking into a CT machine, for instance, may be difficult, sabotaging the system connecting all the CT machines in a hospital’s ecosystem is easier. Similarly, connected Electronic Health Records (EHR) can all be breached through a ransomware attack on the central server. With EHR systems, doctors have immediate access to critical data, which can be the difference between losing a limb or a life. Now, imagine if that data was unavailable. This is precisely what happened at Universal Health Services where they lost computer services at all 250 of its U.S. facilities by a malware attack.

Unsurprisingly, IoT impacted devices during cyberattacks raised the cost of a data breach by ~$190,000 making it a direct business concern as well. At a time when digitisation clubbed with a trend towards P4 medicine—Predictive, Preventive, Personalized, and Participatory—is sweeping the profession of rendering healthcare, cybersecurity gains top priority. The cybersecurity of a healthcare organisation stands on four key pillars of Policies, People, Technology, and Third-parties.

Out of these, technology and third-party are often intertwined in this sector primarily because most devices are outsourced, and these two pillars remain unmonitored as a result of its sheer volume. To put things in perspective, there are 1 million professionally active physicians in the U.S. as of March 2020, whereas there were 10-15 million devices! However, 70% of these medical devices are legacy systems, that is there are no patches or upgrades available—making them extremely vulnerable to cyber-attacks. In August 2017, over half a million pacemakers needed a firmware update to protect users from hackers controlling the pace, depleting batteries, and allowing connections to the device through Wi-Fi!

The solution lies within the industry itself

Security teams within this sector should take a leaf from how physicians have switched from point-in-time reports to real-time monitoring of vitals, using higher resonance imaging for better visualisation and clarity. This is precisely what is required to begin the process of redressal in this industry. With an average of 11,000 SOC alerts per day, a large number of alerts don’t get addressed by the security team triaging them. In a healthcare organization, every device has to be monitored for its breach-potential, and performing this manually is impractical and impossible. Automated Cybersecurity risk quantification is the vaccine that the healthcare sector has been asking for. Leveraging real-time A.I.-enabled software to do the same will free the security team to focus on where they actually make a more significant impact and shift the cybersecurity posture from reactive to proactive. Success breeds success, isn’t it?

However, even with such A.I.-enabled real-time monitoring, how would an organization understand whether they are stagnating, deteriorating or growing with respect to their cyber risk posture after implementing different cybersecurity initiatives? Again, the answer is within the industry. The way the field of medicine has delineated the normal range for every parameter, in cybersecurity, there is no standardized way to measure cyber risk posture yet! This quantification of risks with a real-time feed will be a game-changer for the healthcare sector, particularly because it has the most to lose without such a system in place! Over and above the direct financial impact, it is only in this sector that lives are at stake and so is the deeply sensitive information of patients- which once leaked can never be changed, unlike your credit card number or bank details.

While there are no elixir vitae for cybersecurity and nothing can make any organization 100% breach-resistant, a vaccination against cyber attacks is definitely needed. This ailing sector needs to build a breach-immunity, not only against what is happening right now but also prepare for newer variants of cyberattacks, similar to a vaccine being adapted to meet new strains. A simplified, objective, real-time and enterprise-wide digital business risk measurement can do for a business what a vaccine does for the human body. It is not about eliminating risks altogether, even a vaccine is about 90-95% effective. It is about knowing the risks and preparing accordingly. As they always say, “Prevention is better than cure”

Views are personal. The author is Vice President, Product Management & Customer Success, Americas, Safe Security.