by John R. Fischer
, Senior Reporter | November 28, 2021
In the past 18 months, 82% of healthcare providers have experienced some form of an IoT cyberattack. Of these, 34% were hit with ransomware, according to a paper by data security firm Medigate and cloud-based protection provider CrowdStrike.
Among the trends that the study, titled "Healthcare IoT Security Operations Maturity – A Rationalized Approach to a New Normal” observed, ransomware attacks became increasingly more common, and of those who experienced one, 33% paid the ransom, but only 69% reported that doing so led to the full restoration of their data.
This and other findings indicate the need for healthcare delivery organizations to boost their security infrastructures by incorporating more basic defense. Among these are cyber-insurance considerations and addressing the fact that there is still no standard that outlines attack restoration costs.
"Healthcare now understands the reality of the threat and is doing something about it. And that's a good thing. But when faced with all the advanced options promoting layered defense capabilities, we thought it was time to detail a more simplified approach. HDOs require a unified security approach to defend against evolving threat landscapes,” said Jonathan Langer, co-founder and CEO of Medigate, in a statement.
Medigate and CrowdStrike offer a number of suggestions in their report to help organizations protect themselves against cyberthreats. One is the integration of the CrowdStrike Falcon platform and Medigate platform. The CrowdStrike platform utilizes the speed of the cloud and AI to combat cyberattacks without interfering with organizational performance. Its Threat Graph continuously assesses real-time analytics to detect and eliminate threats, while an intelligent, lightweight agent it uses blocks both malware and non-malware attacks and captures and records endpoint activity. The Medigate Device Security Platform, meanwhile, profiles every connected device, analyzes risks and automates responses to keep HDOs safe and operating efficiently. Its tools allow it to decode proprietary healthcare IoT protocols, and it can alert HDOs to enhance their security measures to protect themselves.
Another suggestion is threat containment with the use of firewalling and NAC enforcement products. When implementing such measures, providers should understand the device in question and how it works in conjunction with others; virtually simulate the impact of security policies; test the impact of underlying policies and modify them based on results; and study segmentation effects without disrupting clinical operations.
They also recommend effective insurance coverage. Security Risk Assessments can help here by giving providers an overview of the state of their security strategies. Those who comply with the recommendations made in their SRAs are more likely to receive quality security packages at low premium rates. Demonstrating containment can also help with security coverage.
"HDOs must implement a modern, layered-defense strategy that continuously improves visibility, incorporates EDR, and includes containment capabilities so that they can accurately detect, respond, and prevent sophisticated attacks,” Drex DeFord, Executive Healthcare Strategist with CrowdStrike, said in a statement.