Security

Build a Security Posture That Helps Health Systems Bounce Back

Amid cyberattacks, increasingly severe natural disasters and other threats, resilience has become an essential capability.

Matt McLaughlin

Matt is an Associate Editorial Director and award-winning content creation leader. He is a regular contributor to the CDW tech magazines and frequently writes about data analytics, software, storage and cloud topics.

As technology has become a foundational element for healthcare organizations, cyber resilience has become an essential objective for their continued operation, IT experts said at a recent CDW Executive SummIT in Las Vegas.

“There are three key principles for resilience: being able to predict, overcome and recover from an attack,” said Hector Cabrera, cybersecurity architect at Cisco Systems, who spoke during a panel at the event. “In business, that helps us meet our key performance indicators as well as keep employee trust and customer trust.”

Members of the panel on which Cabrera spoke agreed that a key step in building resilience is to identify the level of operations necessary for an organization’s minimum viability. Healthcare organizations must identify the functions, processes and data required to maintain care continuity and keep their operations minimally viable after a cyberattack or other disruption. Once the organization has identified these operations, it must plan for their rapid recovery.

“Minimum viability is important because you can’t fix everything at once,” said Courtney Guss, director of crisis management at Semperis, adding that understanding what’s essential to a health system’s minimum viability helps IT leaders to prioritize those operations.

Organizations that achieve success in their cyber-resilience efforts improve their ability to withstand a cybersecurity breach, as well as other disruptions such as natural disasters, without losing patient trust.

Click the banner below to read the recent CDW Cybersecurity Research Report.

x_security_q325_animated_click_desktop_01

x_security_q325_animated_click_mobile_01

Why Resilience Demands a Clear View of Operations

One significant challenge healthcare organizations face in establishing resilience is having data and lines of business that operate in silos, which can limit visibility into these operations. Being able to see across operations helps organizations to be more resilient.

Cisco has developed solutions that can help organizations see across silos to create a unified view of operations, said Cabrera. Artificial intelligence and other automation capabilities in these tools help healthcare organizations save time in both preparing for and recovering from a disruption, leaving them more time to focus on top priorities that contribute to patient care.

These capabilities are becoming increasingly important, as organizations need to be able to orchestrate their recovery operations. Lines of business must communicate with each other and with leadership. Rapid recovery is a top priority as organizations face an ever-evolving landscape of cyberthreats.

“We have to do what we can on the response and recovery side because you’re not going to be able to stop everything,” Guss said.

DISCOVER: Here’s a blueprint for cyber resilience success.

Data Protection: An Important (But Misunderstood) Part of Resilience

Data protection is a key practice in helping healthcare IT teams build resilience. In addition to the increasing use of patient data in care delivery, organizations have come to rely on data as the lifeblood of business. So, that data must be protected not only for HIPAA compliance, but to ensure that operations remain viable.

“If your data isn’t discoverable, if it’s not governed correctly, if it’s not resilient, then you can’t use it to power innovation, drive operations and enhance your customers’ experience,” said Aaron McCray, field CISO at CDW.

People often conflate the concepts of data security and data protection, but data protection involves more than data security measures such as implementing firewalls and backups, McCray said. It’s a programmatic approach that includes the visibility, access, resiliency, privacy and governance of an organization’s data.

When healthcare organizations establish an effective level of data protection, they improve their resilience.

You can’t teach someone to swim while they’re drowning. You’ve got to take care of it beforehand.”

Gary McIntyre Managing Director of Cyberdefense, CDW

How AI Can Support Cyber Resilience

As health systems strategize around resilience, they are starting to take advantage of artificial intelligence as a valuable tool. AI can improve the accuracy and thoroughness of resilience efforts while reducing the burden on humans.

“Building security into the process is critical,” Guss said. “Leveraging AI to understand where our gaps are is a tremendous win.”

Gary McIntyre, managing director of cyberdefense at CDW, noted that there are three levels of AI involvement in cyber resilience:

Advisory AI looks at data and makes recommendations for humans to carry out.
Agentic AI is allowed to carry out specific tasks under specific circumstances.
Autonomous AI, in organizations that are comfortable enough with AI to let it take actions autonomously, can enable a recovery to begin before IT and security leaders may even be aware of an incident.

A partner with expertise in cyber resilience can provide valuable assistance as IT teams build out their strategies. Organizations that wait until they’ve suffered a breach to focus on resilience will find that it’s too late. “You can’t teach someone to swim while they’re drowning,” said McIntyre. “You’ve got to take care of it beforehand.”

sturti/Getty Images