Check Point Software Technologies is warning the healthcare sector that it needs to urgently increase its cyber security defenses this World Health Day. Recent data from the company reported that the industry has experienced a 78% year-on-year increase in attacks globally, with an average of 1,426 attempted breaches per week, a concerning statistic given the criticality of health services.
In its latest Security Report, Check Point identified that this hyperfocus on disrupting our national infrastructure stems not only from the appeal of gaining access to our most sensitive data and medical records, but also the guarantee of media coverage. Both factors put victims under immense pressure, increasing the likelihood that a high ransom fee will be paid.
Specifically in the Middle East, the healthcare sector is the most impacted industry with an average of 3068 weekly attacks per organization over the last six months. The severity of such attacks cannot be emphasized enough, as they can result in life and death consequences. In fact, a survey conducted by the Ponemon Institute found that more than 20% of healthcare organizations reported an increase in patient mortality rates after experiencing a breach.
The healthcare sector is vulnerable for several reasons. Firstly, the increased sophistication and quantity of cyberattacks is not a threat these companies are set up to deal with. Many hospitals rely on a blend of old and new technologies, most of which are either not directly managed or forgotten due to improper documentation. This problem has only increased over time as more IoT and medical devices are added, despite rarely being built securely by design and worrying not being actively managed by the IT team. The current cybersecurity skills shortage also means there’s a lack of expertise to help manage this widening attack surface.
Despite these challenges there are technologies and strategies that can help protect healthcare providers. Here are five key elements that every organisation should follow to ensure maximum security:
- Communication: ‘a chain is only as strong as its weakest link’. Companies need to educate employees on how to stay secure. If not properly managed, any device that has access to a network is a gateway for cybercriminals to all connected devices. This problem has multiplied with hybrid and remote working practices and a proliferation of personal mobile devices being used to access medical data in email and Microsoft 365
- Visibility and segmentation: it is impossible to successfully secure a network without understanding all the assets it contains. Having a comprehensive view, including cloud and data center assets, will expose any weaknesses, such as possible unpatched security updates or devices that have outdated firmware. Once the network is mapped, strategies such as segmentation can be implemented, which creates virtual internal barriers that prevent cyber attackers from moving laterally and causing widespread damage.
- Consolidated security is now a must have: with email continuing to be the #1 threat vector, followed closely by vulnerabilities and misconfigurations, a strategy of implementing multiple single-point solutions is no longer adequate protection. Security operations need full end-to-end visibility, less false positives, and absolute confidence that all vectors have the same elevated level of shared threat intelligence and prevention-based security, ensuring that every potential threat is covered.
- CISOs must do their part: the role of a CISO is to ensure that executive management has a clear and articulate understanding of the risks an organization faces. Their job is to make these points clear in a language that is easy to understand for all positions, as well as to explain the business consequences of weak security. If there is a general lack of communication between CISOs and the business, that must change to better secure critical services.
- Collaboration is key:companies in all sectors need to elevate their cybersecurity programs, but they cannot do it alone. Security vendors need to work together to create unified cover against threats, and a unified regulatory body should be adopted to help implement standard practices and reduce disparities in cybersecurity spending.
“Many healthcare organizations have good risk management in place but lack a consolidated, collaborative and comprehensive strategy that offers true cybersecurity resilience. The threat level continues to grow, and the consequences can only get more serious” explains Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East. “Such attacks can not only disrupt operations for these healthcare organizations but lead to loss of lives if services are prevented from being delivered. It is necessary to have solutions to take immediate action, but, above all, to ensure prevention of such attacks in the first place, rather than just detection“.