Sophisticated Cyber Threats Require a New Approach to Digital Security in Healthcare.

By Saeed Valian, Chief Information Security Officer, symplr

In the era of modernization, healthcare organizations are pushing for digitalization in their EMR’s. While there are significant benefits here, it does open the door for digital risks. The world of cybersecurity is changing at a breakneck pace: cyber threats are becoming more sophisticated and frequent, and the White House, Senate, and Congress are establishing new rulings mandating software providers to be more transparent about their security processes. The need for a strategic and proactive approach to cybersecurity has never been greater—especially in healthcare, where the safety of so many patients is at stake. The goalpost for optimal cybersecurity is constantly moving, which means healthcare leaders and their organizations are on a constant cybersecurity journey to best protect patients and providers.

Take a dynamic and offensive approach to cybersecurity

Hospitals and other healthcare organizations are home to vast troves of sensitive data and protecting these data from cyber threats is critical. The negative repercussions of cybersecurity breaches include, but are not limited to revenue loss, damaged reputation, employee turnover, and higher insurance premiums. Just recently, a ransomware attack happened at Prospect Medical Holdings of Los Angeles, affecting and disrupting hospitals and clinics across the country.

When it comes to security, there is no cookie-cutter approach or one solution to address all risks for all organizations. With SaaS applications growing in popularity, including critical solutions for healthcare organizations, hackers are routinely shifting their focus. Right now, they tend to be attacking the API gateways between customers and partners, but this may not be the case in a year or two years. Business Email Compromise (BEC) attacks are also becoming more common and increasing the adoption of remote work models has made organizations more vulnerable to these attacks.

As cyber criminals evolve their tactics and become more sophisticated, healthcare organizations must have dynamic processes in place to shift their focus without opening gaps elsewhere. A balanced approach to cybersecurity should be multilayered, including key components such as threat intelligence, data visibility, human-led AI/ML controls and automation, and an organizational culture of security.

Additionally, following some simple best practices can help employees identify and avoid security threats on a day-to-day basis:

• Don’t click on questionable links
• Keep devices and applications up to date
• Enable two-factor authentication
• Keep passwords private and securely stored
• Avoid using public or unknown Wi-Fi connections without a secure VPN
• Four questions to ask about your cybersecurity approach

As noted, an effective cybersecurity approach requires multiple layers and ongoing optimizations. Whether you have a comprehensive cybersecurity posture or are in the first stages of implementing a security program, these questions may help you identify the strengths and weaknesses of your organization’s current approach.

1. How are we addressing the top digital risks facing our organization?: It is critical for companies to have a comprehensive approach in place to address a variety of risks, including a dynamic user awareness program and an effective email security solution. As such, it’s imperative for leaders to be aware of the cyber threats and digital risks always impacting their organizations. A layered approach includes people, processes, and technology. Detailed threat intelligence and trend analysis are also critical to identifying top security threats. For example, when it comes to phishing emails and account compromises, ongoing analysis of logs and trends would help with a more targeted approach; are specific departments or individuals being targeted more frequently? Are remote employees falling prey to email phishing attacks more or less often than in-person employees? These kinds of trends can be crucial to guiding the direction of your cybersecurity approach.
2. How does our cybersecurity posture compare to those of our peers and competitors? Take some time to research industry leaders in cybersecurity and the processes they have in place. Implement tactics that are proven to work and learn from the mistakes of others to fill any gaps.
3. How are we educating and training our employees to be aware of and prevent cyber threats?: Safeguarding against cyber-attacks and protecting the company’s money and interests is every employee’s responsibility! While implementing required cyber-security training for all new employees along with frequent refresher training can help ensure that employees are able to identify and avoid common cyber threats, it’s imperative to augment it with creative and targeted training as well. Referencing question 1 above, different individuals or departments might experience different types of cyberattacks, hence the importance of a targeted approach. Additionally, everybody responds to general security training differently, therefore it is critical for cybersecurity practitioners to think of different methods to get the attention of all employees. Partnership is essential, encourage employees to speak up about any cybersecurity concerns or suggestions, including suspicious emails, calls, or texts they receive.
4. How do we measure and validate the effectiveness of our cybersecurity posture against cyber threats? There is no perfect security! If you were to respond to a significant ransomware attack tomorrow, how confident are you with the existing plan to respond to and recover from it? Always challenge and improve the plan to better prepare for such attacks to reach the desired level of confidence, which should be based on the organization’s risk tolerance. View cyber threats as opportunities to learn from and improve your security against future attacks. There is no end destination for cybersecurity—it is a continuous journey.

Strong cybersecurity is a business enabler

Contrary to common belief, security does not have to be only a cost center. In fact, it can become an essential business enabler. Strong cybersecurity is a boon to organizational reputation and an integral component of a business including revenue operations.

As healthcare organizations, the safety and well-being of patients is of the highest priority. It is important to put in the work to avoid any threats, because as we saw in the case of Prospective Medical, these threats can directly impact providers ability to care for their patients. Investing in strong cybersecurity measures is key to not only protecting revenue and reputation but also improving patient safety and care. Put in the work now to prevent breaches before they happen and prepare your organization to respond to security threats—your employees, your patients, and your organization’s future will thank you.

About the Author

Saeed Valian is the Chief Information Security Officer at symplr. He is a healthcare industry CISO with 20 years of comprehensive IT Infrastructure and Information Security experience, Saeed can share what healthcare organizations need to do today to protect patient data and position themselves for revenue growth, productivity, and success. Saeed Valian can be reached online at https://www.linkedin.com/in/saeedvalian/ and at our company website https://www.symplr.com/.