How healthcare organisations can map and minimise their cyber-attack surface
Healthcare providers run among the most complex IT environments of any organisation. But complexity is the enemy of cybersecurity. As more providers run digital transformation projects to help them reduce COVID backlogs, improve patient outcomes and increase efficiencies, they run a greater risk of compromise. That’s because these projects increase both complexity and the size of the digital attack surface. Our research shows that 70% of global healthcare organisations (HCOs) are now concerned about the size of their attack surface.
In effect, digitalisation means threat actors have a larger target to aim their attacks at, and potentially more assets to compromise. Over half (56%) have been compromised by ransomware over the past three years, and 86% suffered operational outages as a result. Given the potential impact on patient care of a serious hospital IT outage, the stakes couldn’t be higher.
Where are the main risks?
What do we mean when we talk about an attack surface? Put simply, it’s the apps, websites, cloud infrastructure, on-premises servers, operational technology (OT), email addresses and even staff that can be targeted by cyber-threats. And it’s all of this IT infrastructure and resource used by any key suppliers – of software, hardware, raw materials and manpower (ie contractors).
Visibility is an essential precursor to effective security. Yet two-thirds (62%) of the healthcare IT and business leaders we spoke to admit they have blind spots in trying to secure their attack surface. In fact, on average, they have only an estimated 59% visibility into these assets —among the lowest of any sector. They find cloud, network and end user assets are the most challenging to gain visibility into.
Part of the problem is a lack of budget and in-house skills. Supply chains are complex and opaque and partners are too infrequently vetted, the size and complexity of multiple hybrid cloud deployments makes continuous insight all but impossible, and environments are in constant flux. Some cloud containers last just hours – but unless tracked and protected during that time, they could represent a significant security risk.
Time to consolidate
So what’s the answer? There’s no silver bullet solution for healthcare providers. But there are better ways to assess and manage cyber risk. And they start by replacing siloed toolsets with a single, consolidated platform. The best type of platform would both map the attack surface definitively, and then deliver unified capabilities to protect key assets, and detect and respond to new threats before they have time to impact the organisation.
A platform-based approach like this makes sense on three fronts. It will help to reduce money otherwise spent on renewing and managing point products. It will maximise productivity for stretched IT teams. And it will close the coverage gaps that can emerge when using siloed security tools.
The long-term strain placed on healthcare services by an ageing population, will require significant extra investment in digital technology over the coming years. This in turn could ramp-up risk exposure if not properly managed. Building security into such projects from the start will help to mitigate risk, and ensure providers can optimise their use of technology for social good.