Evolving Security for Protecting Today’s Healthcare Network Architecture

March 8, 2023

While most sectors aim for profits and growth rates, the healthcare industry’s success is defined by how well it serves the public and sustains the public’s well-being and safety. Since healthcare is one of the most highly regulated industries, technology is a key business enabler for healthcare providers to meet these goals, while maintaining compliance and security standards.

Healthcare was among the first industries to adopt Internet-connected mobile devices, which were already in use before the “Internet of Things” (IoT) emerged. Internet-connected medical devices, referred to as electronic medical devices (EMDs), have been instrumental in keeping the health system rolling – playing important roles in such areas as patient care, imaging, medical records, and billing. The challenge has been in securing these interconnected devices across geographically distributed office locations. Each device serves as a potential attack vector for cybercriminals, and the sheer number of devices at multiple locations makes securing them extremely difficult for even the most experienced healthcare IT teams.

In healthcare, cloud solutions promise better service levels as compared to internal IT organizations – at a fraction of the complexity and cost. Health providers typically have smaller IT teams or limited access to skilled IT resources in satellite offices. Cloud-based Hospital Management Solutions (HMS) and collaboration and productivity applications provide a flexible, cost-effective, and agile model for connecting remote locations. As a result, many healthcare providers have migrated to the cloud to achieve access to better IT services, without having to maintain a large internal IT team.

For a tightly regulated sector where any breach can lead to compliance issues, security has been one of the biggest points of concern. A compromised medical device within the network can rapidly infect other devices, rendering them unsafe to use. This heightens the chance that critical records will be stolen or made inaccessible, and that facilities will even be shut down as a precaution. The reputational cost of a breach harming client health and privacy can eclipse the lost revenue from business disruption.

The Evolving Attack Landscape

The world’s fragile state during the Covid crisis opened the door for an aggressive wave of cyberattacks. Ten years ago, healthcare providers’ on-premises-focused security personnel were able to identify network attacks very quickly, since most took place in the top-level layers of a system, often through a malware attack. These days, however, vulnerabilities are exploited over extended periods of time, with more massive destruction to the network in mind. Healthcare organizations can no longer assume that their network systems will remain safe.

Cyber thieves are also infiltrating through underlying networks, passing from router to router and accessing information located far below a system’s top level. The evolution of these attacks means that healthcare providers may not be aware of a breach for long periods of time, increasing the amount of harm that can be done to the group and the overall network.

Healthcare organizations should update their security strategies to address worst-case scenarios and assume that at some point they will be victims of an attack. This means understanding that any single employee may serve as a hacker’s entry to access company systems. Anyone can be fooled by increasingly sophisticated attacks and click on a phishing email, resulting in an opening for malicious events.

Focus on Analytics and Visibility

To address these sophisticated attacks, analytics and visibility are instrumental in strengthening a health organization’s security posture, particularly when it comes to remote office sites. Analytics and visibility deliver invaluable insights into an organization’s ongoing security status and can help identify critical vulnerabilities previously unseen. While IT leaders traditionally have focused on their organization’s connectivity and security, these days analytics and visibility of distributed networks are getting their fair share of attention.

The type of information this approach provides can prove vital for the rising number of companies suffering an attack. The first challenge after a breach attempt has been identified and systems have been shut down is to determine how far cyber thieves have infiltrated before being detected, and what exactly they accessed. This is particularly true in cases of ransomware, where a provider must be able to determine the criminal’s activity on its systems. Hackers may claim they accessed and encrypted five terabytes of data, but an IT team may be able to see they collected only a handful of files before being shut out. Only with complete visibility will health organizations have the information they need to counter a criminal’s claim.

Approaches to Strengthen Healthcare Architectures

Healthcare groups can strengthen their network architecture against attacks through a number of approaches. For example, Zero Trust Network Access (ZTNA) technologies should be a high priority to limit access to privileged accounts and to data that is left easily accessible. Requiring authentication before granting access is an important way to protect the health network and keep data secure.

Many healthcare providers need to reassess their infrastructure foundations before additional security approaches can be considered. Integration is critical for strengthening an organization’s network architecture since many have disparate systems that should ultimately be integrated. Integration will not only simplify systems and their management, but it will also provide greater accessibility, security and flexibility. Achieving strong integration will enable teams to have greater visibility into their distributed systems, making it easier to identify and defend against incoming cyberattacks.

Steps Toward a Secure Future

Approaches such as Secure Access Service Edge (SASE) can go a long way toward strengthening a health organization’s network architecture. SASE is the integration of security and networking solutions, such as firewall-as-a-service (FWaaS) and ZTNA, into a unified service that can be delivered entirely through the cloud. Cloud delivery offers teams greater flexibility, making it easy to apply security services and consistent policies to remote offices where they are needed. A secure and seamless transition from the cloud is critical since so many applications are cloud-based, including collaborative communications.

Cybersecurity needs to become more of an integrated consideration for every new project. For example, in today’s distributed environment, every area needs embedded security, including branch office sites and mobile workers. Simply educating employees about security risks is not enough to protect networks from malicious attacks. 

In today’s world where any organization can be a target for a cyberattack, a strongly secured network architecture and end-to-end visibility are the building blocks to a resilient security posture. Enabling a single point of control using approaches such as SASE will help ensure healthcare providers can create a more streamlined and secure network architecture, whether from headquarters or remote clinic locations. To protect private data and networks, all organizations should work toward a common goal – implementing an approach that combines the crucial elements of network architecture, security and visibility.

About the author: Kelly Ahuja is the CEO of Versa Networks. He is a seasoned industry veteran with more than 20 years of experience in networking and telecommunications. He currently serves on the board of directors for two startups in Silicon Valley. Kelly spent 18 years at Cisco rooted in the design and deployment of telecommunications networks. He was most recently SVP of Service Provider Business, Products and Solutions at Cisco where he was responsible for developing and managing the service provider segment strategy and portfolio. Kelly held several other senior executive roles at Cisco, including SVP and GM of the Mobility Business Group, Chief Architect for the Service Provider business, and SVP and GM of the Service Provider Routing Technology Group.