Trends and tips in healthcare cybersecurity
Cybersecurity in the healthcare sector has been a growing concern in recent years, and it is one of the major topics of discussion at the annual Healthcare Information Management Systems Society (HIMSS) meeting. Medical imaging is one of the largest users of off-site cloud data storage, so Health Imaging spoke with radiology archive and data protection vendor Pure Storage at HIMSS 2023 about what trends they are seeing in the market.
Jon Kimerle, Epic Alliance Manager at Pure Storage, said cybersecurity has become a major concern in the last five to eight years because of the increase in cyberattacks and numerous high-profile health system data breaches that gave real-world examples of what to defend against. These include ransomware attacks, the costs involved in fixing things after an attack, and the loss of service and overall financial impact from attacks that can take months to recover from.
"I think those real life examples are informing both the cyber insurance companies along with health system boards about the cybersecurity response that is needed. It is kind of like a theoretical threat that is infinite, but if you have a concrete example of what occurs, then you can plan for it better. So we're seeing a lot more practical responses to cybersecurity resiliency," Kimerle explained.
The NIST Cybersecurity Framework and collaboration
When hospitals seek to improve their cybersecurity measures, Kimerle emphasizes the importance of adopting a structured approach. He recommends using the U.S. Department of Commerce's National Institute of Standards and Technology (NIST) Cybersecurity Framework as a foundation for developing cybersecurity strategies. This framework provides a comprehensive and standardized approach to managing and reducing cybersecurity risks.
Collaboration within the healthcare industry is another critical trend. Healthcare chief information officers (CIOs) are increasingly looking for a more integrated, end-to-end solution to reduce risk effectively. Rather than relying on piecemeal point solutions, they seek a cohesive set of cybersecurity tools and services that work together seamlessly.
"They are looking for the ecosystem to come together and offer them a more end-to-end solution to fundamentally reduce their risk," he said.
Addressing cybersecurity challenges for smaller hospitals
Smaller hospitals with limited IT resources often face unique challenges in cybersecurity. Many are now turning to service solutions from vendors, such as managed detection and response, to access expertise and support without the need for extensive in-house cybersecurity teams. These services provide a more personalized and hands-on approach to cybersecurity for organizations lacking dedicated IT expertise.
Even healthcare facilities with substantial IT staff and in-house cybersecurity experts are urged not to become overly confident. Kimerle highlights the value of bringing in external advisors to examine systems from fresh perspectives. Regular audits and assessments help uncover vulnerabilities and potential risks that internal teams may overlook.
"I think for those organizations that need a more white glove end-to-end concierge approach, we're seeing cybersecurity companies that can offer that as a service, get access to their expertise, but only what they need. They are looking for trusted advisors or new advisors to come in and look at things that you haven't looked at. You want to make sure the unknowns become known to you through these advisors," Kimerle explained.
Healthcare ransomware and rapid recovery
Ransomware attacks continue to be a substantial threat in the healthcare sector. While complete prevention may be elusive, organizations are shifting their focus toward rapid recovery. The ability to restore critical systems and data swiftly is now a top priority. This shift from merely backing up data to ensuring fast recovery from backups is a notable trend in healthcare cybersecurity.
Expanding threat surfaces and adaptive resilience in cybersecurity
While employees opening emails with ransomware attachments is one of the primary ways attackers infiltrate health systems, Kimerle said a growing threat comes from the major increase in the IT surface that can now be attacked because of staff working remotely and the internet of things (IoT). Since COVID, health systems have seen massive growth in the number of employees working from home when their roles allow it. Hospitals have also seen massive growth in IoT devices: imaging scanners, contrast injectors, patient tracking tags, patient monitors, mobile computing, computerized medication carts, and inventory control systems are all connected to wireless networks and pose a multitude of new cyberattack entry points.
"You've got the FDA regulated medical devices that you can't keep patched because of the FDA requirements. And so clearly healthcare has a fundamentally large surface on which threats can attack. So again, you're looking at the solutions community for solutions to inventory all the medical devices and create some actionable plans to plug those gaps. And again, that's where I think it's not just a single solution. It's really figuring out how the industry can work together to take care of all the threats," he said.
Kimerle said "adaptive resilience" is another emerging trend. Healthcare institutions are diversifying their data protection strategies, using tiered resiliency to decrease cyber risk. This includes having multiple copies of data available on the primary array for rapid restoration, making data less vulnerable to cyberattacks.