According to the Black Book’s Annual Cybersecurity Survey, healthcare organizations are not “maturing fast enough” and are still “underfunded and understaffed”. Since the third quarter of 2016, over 90% of healthcare organizations have experienced a data breach, and as much as 23% of providers believe their cybersecurity position will worsen.
Why is the Healthcare Industry So Vulnerable?
Healthcare service providers are faced with a seemingly insurmountable problem. They employ a very large number of staff and store vast amounts of valuable patient data. On top of which, the frequency and sophistication of attack vectors continues to proliferate. One of the biggest reasons why healthcare providers are failing to keep their data secure is due to a lack of budget, according to 48% of respondents. 88% of hospital representatives claim that security budgets have remained level since 2016.
This Isn’t Just a Healthcare Problem
In addition to budget constraints, there is a serious shortage of IT security professionals – a problem that persists across all industry verticals. As much as 84% of hospitals were operating without a dedicated security executive.
The shortage of professionals has forced providers to outsource many of their security operations, as opposed to investing in cybersecurity software. Of those that do invest in cybersecurity products, a third did so “blindly without much vision or discernment”, and 92% of software purchasing decisions were made by C-Level executives and did not include other departments or employees. It would also appear that the majority (89%) of IT managers are more focused on complying with regulations than protecting their data. Of course, complying with regulations will naturally improve their security posture; however, compliance alone is not enough.
Getting Ahead of the Problem
The threat landscape is continuously evolving, and healthcare providers must keep up to speed with the latest trends and technologies if they are to stay afloat. According to the survey, 57% of IT managers are not fully aware of the security solutions that exist, and there still seems to be disproportionately more investment in anti-virus/anti-malware solutions, than Identity and Access Management (IAM).
This may be understandable given the spate of ransomware attacks on healthcare over the past few years; however, according to the Protected Health Information Data Breach Report, by Verizon, “healthcare is the only industry in which internal actors are the biggest threat to an organization” – accounting for 58% of incidents. Service providers may also need to focus on security awareness training that is specific to each employee role – something which is not mandatory for regulatory compliance.
Data Security Platforms
While many healthcare service providers have implemented a Security Information and Event Management (SIEM) solution, using these solutions requires specialized skills. SIEM solutions tend to generate a lot of noise, which security professionals must sift through in order to find something that indicates a potential breach.
Given the lack of funding and skills available to providers, it would be more cost effective to implement a Data Security Platform, as they are much easier to use and more affordable.
DSPs enable IT teams to automatically detect, alert and respond to anomalous events in real-time. All important events can be reviewed via an intuitive console, and customized reports can be generated effortlessly. Some sophisticated DCAP solutions provide threshold alerting, which can be used to prevent the spread of ransomware. For example, if X number of files are encrypted within a given timeframe, a custom script can be executed which can disable a user account, stop a specific process, change the firewall settings or shut down the affected server(s).