Challenges to Strengthening Cybersecurity in Healthcare
The federal government has been working to help industries beef up their controls, from funding nascent cybersecurity research in the 1970s to establishing the Cybersecurity and Infrastructure Security Agency in 2018 and passing the Cyber Incident Reporting for Critical Infrastructure Act in 2022. Ultimately, federal agencies depend on private network administrators to do their part in monitoring and maintaining security.
Governmental direction can positively impact cyber insurance for healthcare organizations, but at what cost? Many healthcare organizations, particularly in rural areas, do not have the funding needed to boost their cybersecurity.
IT shortages are also becoming more pronounced in healthcare, and this will only get worse.
Many healthcare systems can’t meet the demand to properly monitor and protect their data, perform forensic analysis or even recover from a major incident. This will certainly impact rural healthcare organizations, which already face a deficit in cybersecurity talent.
Some organizations that perform active threat hunting, detection and response activities are only able to do so for a portion of the day or a season of the year, such as when conducting an exercise to meet attestation requirements. That means they’re not doing a regular, complete job of monitoring for data protection.
Many organizations have turned to passive activities such as log aggregation and correlation, but they depend heavily on third-party assistance when threats are active or when speedy recovery is needed to keep operations running.
Calculating Cybersecurity Costs to Healthcare Organizations
When a healthcare organization is hit by a cyberattack, there are additional costs that can be substantial, including the time and resources needed to perform forensics. Analysis can be complicated if local IT teams do not preserve evidence before moving into recovery.
There’s also the cost from personnel loss: A ransomware attack could result in resignations or firings, shrinking an already reduced workforce.
Ongoing legal fees can also affect organizations. And while losses in patient trust and future business are hard to calculate, they will nonetheless add even more to the cost of recovery.
It's likely that more healthcare organizations will turn to third-party cybersecurity professionals in search of programs and outcomes that they can afford. The cost of cybersecurity, if it's not tiered for smaller and larger organizations, will have a detrimental impact on healthcare.
Tips to Bolster Cybersecurity for Healthcare
Cybersecurity conversations should not be limited to IT departments; they must include business and operational stakeholders so that everyone is aligned. Transparency is key for any cybersecurity plan, not just with third-party partners but also within an organization.
In today's world, it is imperative to know the identity of users and devices that roam the network and have access to other resources within the environment. Organizations can minimize a ransomware attack’s impact in these ways:
- Implement backups with best practices: That means air-gapped backups, with copies stored at multiple sites and tested frequently.
- Have a structured program for regular software updates: This includes behavioral analytics, sunsetting old programs and microsegmentation of applications that do not play well within a network.
- Roll out sensible restrictions: Think carefully about who should have access to what data.
- Impose proper credential tracking: Identity is everything. Always know who is accessing your data.
Finally, should a cyberattack happen, have a path to an incident responder who can get to your organization in under two hours to stop the attack and help with recovery.