Cyber security is becoming a matter of life or death for healthcare providers

Healthcare under attack

When it comes to cyber attacks healthcare is the highest targeted sector. In 2017 there were over 300 breaches. That is over 29 times the number of breaches reported across the hospitality industry.

There are many reasons why healthcare is such an attractive target to cybercriminals, including:

1. Patient data is valuable data – the information contained in a patient’s files include personally identifiable information (PII) including names, date of births and social security numbers, as well as a whole host of additional information that has a high value on the dark web.
2. Open to extortion – where data has a high worth the incentive for extortion increases.
3. An increasing attack surface – the ever-expanding areas healthcare networks have to support is only going to increase. From internet based consulting to remote workers and patients requiring online access to records, not to mention the proliferation of the Internet of Medical Things (IoMT), the attack surface of the healthcare sector is growing exponentially.
4. Vulnerable infrastructure – historically there has been a lack of investment in cybersecurity within this industry, both concerning human resources and infrastructure investment. Historically, expenditure has averaged 50% compared to that of other sectors. ‘Lean’ teams coupled with a rapidly changing cyber threat landscape significantly increases an organization’s vulnerability to threats.

The consequences of a cyber attack

When a provider within healthcare is subject to an IT security breach the ramifications go far beyond the initial internal IT ‘mop-up’:

The potential risk to life – on multiple levels there is a risk to human life, from operations having to be canceled to no access to medical records for emergency treatment, not forgetting the number of IoMT devices which can be compromised. Take a glance at the numerous articles on the web concerning a pacemaker’s vulnerability to hacking, and you’ll soon understand the risk IoMT devices can present.

Brand & reputation – once a data breach becomes public the media feeding frenzy commences. One only has to look to the National Health Service in the UK in 2017 which was effectively brought to a standstill by the WannaCry ransomware. The media coverage was global and prolonged.

In countries where an individual can choose their healthcare provider it’s hardly likely they will trust an organization with their life if that organization can’t be trusted with their personal data.

Financial – loss of productivity, cost of remediation, missing pay for performance deadlines and heavy financial fines from governing bodies and authorities such as HIPAA, not to mention penalties under GDPR, all contribute to weighty post-breach costs.

The costs of Healthcare data breaches far exceed other industries. Following a security breach, The University of Washington Medicine incurred a $750,000 HIPAA fine. In Ponemon’s 2017 Data Breach report it was estimated that a data breach in the Healthcare industry costs an organization $380 per record, in comparison to a global average of $141! For the NHS in the UK, the cost of the fall-out from WannaCry has nearly reached £100m.

Continually changing threats

Taking all the above into consideration, it is clear that security teams within the Healthcare sector have to be smart with their IT security spending. With reduced resources and funds it’s almost impossible to keep abreast of the latest security threats.

Ransomware attacks declined by 32% in Q1 2018 from Q4 2017, while coin mining (cryptojacking/cryptomining) increased by 1,189%. With such a quickly shifting threat landscape maintaining expertise across all areas is challenging for even large teams, let alone smaller ones.

Healthcare security teams have to look to solutions that automatically mitigate risk, protecting patient data and devices while freeing up precious manpower resources to focus on other issues, without a hefty price tag.