CyberMDX breaks down the threats and vulnerabilities that healthcare organizations faced in their IT and cybersecurity settings in 2019

CyberMDX outlines threats faced by healthcare IT and security in 2019

February 25, 2020
by John R. Fischer, Senior Reporter
The top challenges and threats faced by healthcare cybersecurity in 2019 can now be examined in greater detail following the release of CyberMDX’s 2020 Healthcare Security Vision Report.

A provider of visibility and threat prevention for medical devices and clinical networks, CyberMDX boiled down the risks to the IT and security landscape for healthcare organizations in 2019, in which the number of breached personal records almost tripled from 15 million in 2018 to more than 40 million. It also discusses risk management and health technology management.

“The key takeaway is that healthcare delivery organizations must implement multilayered protection against hackers,” Jon Rabinowitz, VP of marketing at CyberMDX, told HCB News.

Forming such protection first requires asset inventory and management, according to Rabinowitz, in order to know what devices are used, where they are used, and what is their risk classification. He then says that providers should establish a concise risk assessment strategy to recognize and respond to network traffic anomalies and unrecognized behavior patterns, before deploying threat detection and prevention capabilities. The last step he asserts is to work with all stakeholders to create an incident playbook, as well as processes, responsibility allocation and technical controls for detection and response to an incident.

The report derived its findings from more than a million data points collected across hundreds of facilities throughout the country, and broke down the details surrounding the most significant healthcare breaches from 2019, including Bluekeep, Sack Panic, Urgent/11 and DejaBlue, to name a few.

Based on its analysis, the report asserts that the most successful hackers in the U.S. target mid-sized or less well-known healthcare organizations outside of the nation’s largest population centers, and that the typical hospital does not help the situation when it only patches 40% or fewer of its vulnerable devices four months after a vulnerability disclosure is made.

Among the attacks it warns providers to be aware of are Bluekeep, which medical devices are twice as likely to be vulnerable to than standard network devices; and URGENT/11, which medical devices are five times more likely to be vulnerable to compared with standard network devices. Rabinowitz notes, however, that providers are expected over the next few years to ramp up protection of their devices and networks against attacks such as these.

“Despite the somewhat dismal numbers regarding cyber security preparedness, healthcare delivery organizations today are well educated and are realizing that they must identify, manage, and secure their medical, IoT and IoMT devices,” he told HCB News. “It is no longer a ‘nice-to-have’, but rather a must-have.”