The Current State of Cybersecurity in Healthcare
17 November 2020
We live in a hyper-connected world which is increasingly complex – it is by understanding the biggest risks to your sector, that you will understand the most effective ways of managing those risks. And with healthcare becoming one of the most vulnerable and highly-targeted industries in the world – it’s time we addressed the issue…
Over the past 10 years, cybersecurity in healthcare has become an increasing challenge, primarily led by the diversity of the infrastructure, the vast benefits of sharing digital data, and the breadth of access needed by users whose primary function is anything but IT. Add to this the industry propaganda of the latest and greatest shiny toy that discovers every breach, insider threat and catastrophic vulnerability all within 60-seconds of plug and play!
Yes, we’ve all heard it, hoped it was true and then blindly followed the dream until we accept it is not quite that easy. Ultimately though, this dream often clouds the starting point of the problem resulting in us starting from the wrong point; and this issue has only got worse as technology tools mushroom in offerings that all seem to cross over each other.
A situation intensified by COVID-19, as organisations have been exposed to an array of new security challenges, from the exploitation of overworked IT staff to the hundreds of now remote employees, using unknown and unmanaged devices. One of the best steps that healthcare organisations can take towards better cybersecurity is performing regular risk analysis, because it helps you get the simple things under control. This activity provides you with a clear understanding of your organisation’s weaknesses, alongside other valuable information, such as suspicious behaviour on your network and certainty that controls you have in place are working efficiently.
To learn more about cybersecurity in healthcare and how you can help protect your patients and organisation from a cyberattack or data breach, download our eBook.
Spending on cyber defence lowers the risk of a breach but investing in recovery means a quicker return to business. Getting the balance right minimises the impact of a cyberattack.
In a major update to the recent FireEye security incident, it has now been revealed that a sophisticated and long-lasting supply chain attack against technology vendor SolarWinds was responsible for the breach.
Cybersecurity firm FireEye has suffered a sophisticated state-sponsored breach resulting in the theft of their “red team” tools. To help affected organisations understand what they should do, this advisory contains several actionable steps our team suggests and further recommendations for security mechanisms to help manage/prevent these attacks.