Healthcare providers are a hot target with cyberattacks increasing in frequency and intensity. Why so attractive? To start with, there is the vast scope of patient data contained within hospital IT networks. Then, there’s the technological heterogeneity – countless diverse technologies from a variety of vendors all with different security postures. And finally, quality patient care, not cybersecurity, is the main priority at budget time.
HIMSS Analytics conducted a survey* to discover health providers’ top cybersecurity concerns for 2018. These included:
- The importance of security for endpoints and medical devices – complex because of the number and variety of endpoints including any number of internet-connected medical devices, from imaging machines to infusion pumps. Inadequate endpoint protection can be exploited by cyberattackers to deploy malware into the hospital environment
- The rise of ransomware – a decade ago, a virus in the system would delete data, because that’s all the technology allowed for at the time. Now, instead of stealing medical records and trying to sell them on the black market, threat actors can hold hospitals hostage and collect their ransom on the spot.
- Email protection and phishing prevention – regardless of how many cybersecurity defences an organisation has in place, at some point, a questionable email is going to arrive in a user’s inbox.
- Securing patient portals and patient data – cybersecurity in healthcare often requires a balancing act between access and security. Patients need to be able to access their own information and use it but ultimately this means opening more doors for attackers.
Today’s threat environment requires a multi-layered approach to cybersecurity based on security enforcement points that natively integrate with each other and share threat information across the entire environment.
This is what characterises a security platform:
- Coordinate action at all enforcement points through threat intelligence sharing this ensures that when an anomaly is detected in one part of the security platform, that information is quickly shared across the platform for prevention everywhere.
- Automate prevention for real-time protection because most healthcare providers don’t have the headcount or skill sets they need to manually respond to the continuing stream of cyberattacks targeting their organisation.
Next-Generation Security everywhere Protected Health Information exists
- Endpoint security products deployed to all endpoints effective at preventing malware and exploits – including previously unseen threats.
- Support the “zero trust” approach to network security deployed properly, very effective at stopping ransomware and other types of threats. Insight provided by a security platform that has a next-gen firewall at its core is needed to make a zero trust environment work properly.
- Reduce risk of unmanaged devices through next-generation security capabilities traditional firewalls have limited capabilities and are quickly becoming obsolete but next-gen firewalls can look at the traffic on a network, identify it to a very granular level and make intelligent decisions based on what that traffic is.
Capabilities to reduce ‘human factor’ risks
- Support credential theft prevention to mitigate phishing attacks when a user receives a phishing email, credential theft prevention is a feature that automatically prevents users from sending their user name and password out to a malicious site.
- Integrate with an advanced malware sandboxing service a next-generation firewall can detect concerns such as an email with a potentially malicious file attachment passing from one area of the network to another.
Optimised Network Visibility
- Provide real-time or near real-time insight into network traffic a big-picture view of traffic ebb and flow, what applications are being used and the threat level of the users can give security personnel a better sense of what is taking place at any given moment.
The bottom line for healthcare providers is that regardless of the type of threat, a single line of defence is no longer adequate. We partner with Palo Alto Networks the next-generation security company maintaining trust in the digital age by helping organisations and healthcare providers prevent cyber breaches.
* Healthcare IT Cybersecurity Study”, conducted by HIMSS Analytics, commissioned by Palo Alto Networks, October 2017
‘Prescribing Cybersecurity for Healthcare’ taken from HIMSS Analytics and Palo Alto Networks whitepaper entitled ‘Navigating Healthcare’s Biggest Cybersecurity Challenges in 2018’.
Learn more about Palo Alto Networks Traps Advanced Endpoint Protection.