Healthcare is one of the industries most threatened by cybersecurity risks. It has been forecast that the Internet of Medical Things (IoMT) will grow from an estimated 4.5 billion devices in 2015 to as many as 30 billion by 2020.
Private health information is now more valuable on the black market than most other forms of personally identifiable information, and healthcare is also a prime target for hackers because its devices and technologies are essential to patient care.
For healthcare providers, connected medical devices make their job much more efficient and accurate, but those devices are also a welcome breeding ground for cyber attackers. These technologies are increasingly relied upon and are exposed to data breaches, cryptocurrency mining on hijacked drug infusion devices, and ransomware that can debilitate a hospital and put patients at severe risk.
To protect your healthcare business against risks, especially those from medical devices, you need a consistent and systematic approach. Following the roadmap delivered by the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework will set you on the right track to develop a comprehensive risk management strategy. Five steps are outlined in the framework: Identify, Protect, Detect, Respond, and Recover. Here are ways you can implement the 5 steps and prevent future attacks.
- Conduct a risk analysis to identify risks and prioritize vulnerabilities.
- Include medical devices in these risk assessments. It was found that only 47 percent of surveyed organizations included medical devices in their security risk assessments.
- Once you’ve discovered the assets and understand the attack vulnerabilities, you can implement an effective prevention strategy.
- Use best practices to assess vulnerabilities, including the following:
  - Common Vulnerabilities and Exposures (CVE)—comprehensive catalog of software and firmware vulnerabilities submitted by the international cybersecurity community.
  - Common Vulnerability Scoring System (CVSS)—open framework for scoring the CVEs to prioritize remediation.
- Practice continuous patching.
  - Instead of using patch management only after an attack, practice patch management when the existing infrastructure is strong enough to ward off cyber attacks.
  - Repair existing system vulnerabilities in real time with automated patch management, drastically reducing the risks of cyber attacks.
- Require two-step authentication whenever transferring patient data over any network system. It might take a bit more time, but it will also reduce the risk of an attacker penetrating your IT system.
- Train clinicians in the importance and practice of cyber security. They are the front lines of defense, and without the participation of healthcare personnel and physicians, many other protections will fall short.
- Identify abnormal and suspicious activity by regularly reviewing audit and system activity logs.
- Consistently monitor the IT and OT networks for threats by establishing a security operations center (SOC).
  - SOC-as-a-service partners are great options for healthcare organizations that lack the expertise, technology and budget to establish their own.
- Establish a contingency plan including data backup and disaster recovery, testing periodically, to ensure data is recoverable.
- Implement access controls to limit access to ePHI.
- Encrypt ePHI, as appropriate, for data at rest and data in motion.
- Establish a security awareness and training program. Include recurring security reminders and education awareness.
- The average healthcare organization spent $1.4 million to recover from a cyberattack, according to a recent report from Radware. Prevention is key to recovery.
- Inform customers and clients; proactive communication can reduce the loss of return clientele.
- Have a response plan ready for unfortunate attacks.
- Use a cyber security specialist to help you navigate steps after an attack.
If your healthcare organization or practice isn’t making data security and malware protection a priority, your systems may already be compromised. JDL Group can provide a full network diagnostic on your organization and identify any existing vulnerabilities or infections. Contact us today.