Healthcare Providers have become the number one target of cyber criminals world-wide. Three federal agencies: FBI, CISA and Department of Health and Human Services, even issued a warning of these impending and persistent ransomware attacks being launched against the U.S. healthcare system. These attacks are disrupting patient services, stealing patient data and affecting lifesaving medical devices. My company works with myriad healthcare providers and are seeing persistent and aggressive attacks coming in many different forms and attack vectors against medical devices, remote workers, cloud misconfigurations, application/API’s and human negligence. And why not? Healthcare providers are a treasure trove for cyber criminals because the breach pays handsomely and they can cash in multiple times. Here are 4 critical defenses Healthcare Providers need and need now to protect their patients, employees and overall organization:
- Be Aware, Get Educated: Everyone in a healthcare system needs ongoing and regular training to understand how to identify phishing and potential breach scenarios. Have you deployed ongoing training or do you just do it once a year?
- Monitoring, Detection and Response – 24/7 SOC-as-a-Service: Ok this one is self-serving because my company is a SOC-as-a-Service for healthcare providers. But every single healthcare organization needs machine learning technology and cyber experts watching their endpoints, networks, devices and cloud 24/7 to detect anomalous behaviors across your entire digital infrastructure. And if a vulnerability is detected you need human intervention and response within 30 minutes, not tomorrow morning when the team gets in.
- User Behavior Analytics: Monitoring networks, clouds and medical devices is one thing but truly understanding internal and external user behaviors and anomalies is critical. Predicting vulnerabilities and attacks and how you can protect your entities from human negligence and maliciousness is the next generation of understanding how secure your cyber posture truly is.
- Hardening, Patching and 3rd Parties: Have you deployed multi-factor authentication, is your cyber strategy reviewed and up to date, have you implemented the latest security patches and deployed tools to ensure you are on top of everything in your hybrid digital infrastructure. Finally have reviewed and audited your most critical third party partners. Because they can often be the weakest link in your cyber posture.
I understand priorities have been reassigned due to COVID and budgets are projected to be slightly up from 2020. But time is of the essence to strengthen your defenses to ensure your patients are safe and your operations will not be disrupted.