Three areas that should be prioritized when working to improve healthcare digital security practices.
Photo/Thumb have been modified. Courtesy of Mnet Financial.
Digital innovation has revolutionized the healthcare industry and medical services. In addition to providing new, cutting edge treatments, the implementation of new digital solutions also enables healthcare facilities to cut costs without sacrificing the level of care they provide. Furthermore, network advancements have had a profound effect on providers’ abilities to offer comprehensive remote care to patients who require treatment from home or are unable to make it to a medical facility.
While digital transformation has undoubtedly benefited the healthcare sector, it has also made it a prime target for cyber criminals looking to steal valuable patient data or hold online resources for ransom. As a result, protecting against cyber threats has become a necessity, with healthcare providers increasingly relying on their IT and security teams to thwart malicious actors and manage security across networks. The challenge is that the sector’s rapid digital transformation, and partnership strategy to expand clinical services, has made it difficult for security teams to adequately manage emerging cyber threats and protect patient data.
An attack on a healthcare network has the potential to be life-threatening, so assessing and managing risk is of paramount importance. With that in mind, understanding how to manage the security of digital solutions requires knowing the exact security risks each new technological innovation and digital service poses.
There are three areas that should be prioritized when working to improve healthcare digital security practices:
The growth of telemedicine has shifted the medical landscape considerably over the past few years. Providers now increasingly rely on online tools and connected medical devices to monitor patient health, provide accurate diagnoses and even deliver medical procedures over broadband connections, such as surgical assistance.
The growth of telemedicine has also benefited patients through increased control over their medical information and treatment plans. To get the most out of telemedicine, however, healthcare providers must ensure that the technologies they are using cannot be exploited by cyber criminals. The need for secure telehealth solutions has been heightened further in light of the FCC’s proposed Connected Care Pilot Telehealth Program, which would expand telehealth solutions to low-income Americans and veterans.
However, the increased level of network activity required by telehealth solutions can make detecting and managing cybercrime very difficult for healthcare IT teams. To secure their telehealth initiatives, healthcare providers require visibility into their network infrastructure, the operating systems and functions of the IoMT (Internet of Medical Things) devices in place and data movement across their network. This will ensure that at-risk devices and potential threat activity can be isolated and managed so critical patient data remain secure.
There are a growing number of tools and strategies available that make this level of visibility achievable, and they should be considered by operational areas responsible for securing telehealth solutions:
Insider threats have the potential to be just as, if not more, dangerous than external threats since internal threat actors almost always have privileged access to a network. This can make protecting against threats incredibly difficult, not only because they are initiated inside the secure network perimeter, but also because internal attack methods are often not the same as those conducted by external threat actors.
Insider threat actors can typically be broken down into three categories:
Part of the reason why insider threats pose such a great risk to healthcare providers is that protecting against them requires full visibility into the network. While there are some actions that healthcare providers can take to protect their networks, such as employee training and network segmentation, protecting against insider threats will increasingly pose a challenge for this industry without deep visibility into devices, behaviors and activities and the ability to compare them against established baselines. Complicating this further, healthcare typically has high turnover in administrative functions and clinical staff, which means systems and processes need to be documented and embedded in the network to avoid the loss of critical institutional intelligence when a system administrator or other IT professional leaves the organization.
Connected medical devices have quickly become a mainstay within the healthcare sector due to the benefits they have for supporting coordinated care. These connected medical devices allow doctors to monitor the health of patients remotely and in real-time. For some groups of patients, these devices are critical to their health, such as those who rely on them to regulate blood sugar levels, monitor heart conditions or treat chronic disease. The issue is that far too many of these connected devices are inherently insecure and vulnerable to the same types of attacks that threaten other digital devices. What makes this particularly dangerous is that an attack on a connected medical device can be life-threatening, which is why the healthcare industry, including the developers of IoMT devices, must take action to secure them moving forward.
Adding to the complexity of the issue is the fact that physical proximity is not required to compromise a connected medical device. If cyber criminals can gain access to a healthcare network by exploiting a vendor, penetrating a cloud data service or through a health system application, they will have access to all of the devices connected to that network.
Securing digital solutions is a necessity for healthcare providers undergoing digital transformation. Cross-network visibility, real-time assessment of potential threats, understanding which threats need to be prioritized and working through remediation tactics will improve the overall security of a healthcare facility. For this reason, security personnel must use planning and threat analysis in their efforts to protect against both internal and external threats.
About the Author: Sonia Arista is a seasoned information security and technology specialist with over 20 years’ experience. At Fortinet, she is responsible for the go-to-market strategy, solutions and sales growth for the company’s healthcare business.
Get the best insights inside digital health. Register for our newsletter.