
Securing against critical cyber risks in Healthcare, Health News, ET HealthWorld

By Subbu Iyer

In the last few years, healthcare systems have taken giant leaps of transformation. From the manual procedures of yesteryear to modern, tech-enabled operations – it surely has been quite a journey. While automation and enhanced connectivity have been a boon to modern healthcare, they have also made systems more susceptible to cyberattacks. The formation of the Internet of Medical Things (IoMT) extends connectivity across clinical, operational technology and information technology environments, binding them together in a connected ecosystem.

However, it is the same connected ecosystem that introduces greater risks to systems with exploitable vulnerabilities. The complexities of the converging medical and tech environments often leave access points inadequately guarded, resulting in malware infection and loss of valuable data. The supply chain or third-party software vulnerabilities pose a complicated challenge for healthcare organizations since the onus is on external vendors to inform them of the potential risks. Despite many vendors working on providing enhanced security, some organizations still go ahead with unsecure legacy devices due to their longevity.

The end users often choose to disable the security features put in place by the device manufacturers to gain easy access. What they often fail to realize is that such software vulnerabilities make healthcare organizations an easy target for cybercriminals, who are on a constant lookout for weaker security measures which can be exploited to steal, or in worse situations, erase valuable data from systems. In light of these factors, it comes as no surprise that there was a 71 percent increase in cyberattacks in 2021. However, such attacks can be averted by adopting these three best practices to ensure the security of complex healthcare environments.

1. Greater focus on visibility
Cybersecurity frameworks (CSFs) often mandate inventory and asset management. The primary reason behind this is that one can’t protect what they don’t know exists. Medical devices as well as other vulnerable physical security systems are often connected to networks without the end users adhering to proper change controls, allowing threat actors to slip under the nose of the network and security teams. This sort of visibility requires knowledge of all users and devices in an organization, along with a deeper understanding of how these devices are connected to each other, and what sort of software (or third-party software) is running on these devices. Lack of this visibility can lead to blind spots upon the discovery of new vulnerabilities. An imperative aspect of visibility is insight into legacy devices and operating systems, since they are inherently vulnerable. Many medical device manufacturers avoid patching these legacy devices for fear of triggering an arduous FDA review. Nevertheless, greater focus on visibility should be adopted as a norm.

2. Segmenting network
In the labyrinth of connected networks, it becomes imperative to segment them in order to prevent unauthorized access between them. Multiple approaches can be adopted for this, including air-gapped networks and demilitarized zones (DMZ) between IT, clinical and OT networks. Contrary to what most healthcare organizations believe, the networks are not air-gapped, with most of them existing in a state of hyper-connection to facilitate faster communication. While separating IT devices from clinical systems can be highly difficult as it may hamper the communication channels necessary for patient care, access can be limited to only the trusted assets. Appropriate zones and access policies can be formulated based on this, since the network flow mapping also helps to identify unintended external communication, which could expose sensitive medical information.

3. Steering clear of common misconfigurations
Seemingly harmless misconfigurations can cost a healthcare organization dearly. User accounts, devices and network communication protocols operating on mismatched credentials are easy targets for cybercriminals, since they enable their attacks to infiltrate the systems without triggering any alarms. By identifying their unsecure and unencrypted protocols within the network flow mapping, healthcare organizations can replace them with encrypted protocols such as TLS or SSL. While legacy systems may not come with the right designs that enable secure protocols, this only reiterates the importance of following secure practices throughout the rest of the network.
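
The flow-mapping review described in practices 2 and 3, as an added example (not from the article or from any vendor's product): it assigns each flow record to a zone, flags cross-zone or external traffic that is outside the access policy, and flags services that run in cleartext. The subnets, the policy and the flow records are constructed for illustration.

```python
import ipaddress

# Constructed zone map (assumption): illustrative subnets for IT, clinical and OT.
ZONES = {
    "IT": ipaddress.ip_network("10.10.0.0/16"),
    "CLINICAL": ipaddress.ip_network("10.20.0.0/16"),
    "OT": ipaddress.ip_network("10.30.0.0/16"),
}
# Constructed access policy: trusted (source zone, destination zone, port) tuples.
ALLOWED = {("CLINICAL", "IT", 443), ("IT", "CLINICAL", 443)}
# Services that are commonly unencrypted on these destination ports.
CLEARTEXT = {21: "FTP", 23: "Telnet", 80: "HTTP",
             104: "DICOM without TLS", 2575: "HL7 MLLP"}

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.20.1.15", "10.10.5.8", 443),     # clinical -> IT, in policy
    ("10.10.5.20", "10.20.1.15", 23),     # IT -> clinical Telnet
    ("10.20.1.30", "203.0.113.50", 80),   # clinical device -> internet over HTTP
    ("10.20.1.40", "10.20.1.41", 104),    # DICOM inside the clinical zone
    ("10.30.2.7", "10.20.1.15", 2575),    # OT -> clinical HL7
]

def zone_of(ip):
    """Return the zone name for an address, or EXTERNAL if it is in no zone."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "EXTERNAL"

def review(flows):
    """Return (src, dst, port, reason) findings for a list of flow records."""
    findings = []
    for src, dst, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if sz != dz and (sz, dz, port) not in ALLOWED:
            kind = ("unintended external communication"
                    if "EXTERNAL" in (sz, dz) else "cross-zone flow not in policy")
            findings.append((src, dst, port, f"{kind}: {sz} -> {dz}"))
        if port in CLEARTEXT:
            findings.append((src, dst, port, f"cleartext protocol: {CLEARTEXT[port]}"))
    return findings

if __name__ == "__main__":
    for finding in review(FLOWS):
        print(finding)
```
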

The process of securing healthcare systems is a continuous one. It is a full cycle in itself – it starts with obtaining visibility into networks, devices and users, moves on to enforcing network segmentation to prevent unauthorized access, and ends with ensuring that no vulnerabilities exist in the form of misconfigurations or errors. Through these safe practices, healthcare organizations can help bridge the security gaps that exist between their legacy devices and IoMT-enabled modern systems, inching closer to future-forward health services.

Subbu Iyer, Regional Director for India and SAARC at Forescout

(DISCLAIMER: The views expressed are solely of the author and ETHealthworld does not necessarily subscribe to it. shall not be responsible for any damage caused to any person / organization directly or indirectly.)
