Tackling the threat of cybercrime in the healthcare sector

Anurag Kahol, CTO at Bitglass discusses the growing concerns about data security in the healthcare sector and what can be done to safeguard sensitive patient information.

The past twelve months have been some of the most challenging ever experienced for healthcare providers worldwide. In the UK, only a series of strict lockdowns prevented the NHS from being overwhelmed by the huge influx of patients suffering from COVID-19. However, as the world now looks to bounce back from the damage caused by the virus, there’s another malicious spectre on the horizon that cannot be ignored.

Healthcare is one of the fastest-growing sectors for cybercrime, something which the COVID-19 pandemic has only exacerbated. This is because hospitals and healthcare facilities have a wealth of sensitive data stored on their networks that need to be accessible around the clock in order to maintain a high quality of patient care. Put simply; they can’t afford to be locked out of their data. When combined with the chaos and resource strain caused by the pandemic, it has made them the perfect victims for cyber criminals looking to make profits, despite how despicable and unscrupulous it may seem to the rest of us. Obviously, cyber criminals are not known for their compassion.

In the last few months alone, attacks have disrupted numerous healthcare organisations worldwide, some with deadly consequences. In September, a ransomware attack disabled computer systems at Düsseldorf University Hospital in Germany, leading to the death of a critically ill patient who had to be diverted to another hospital over 30 kilometres away.  Around the same time, another cyberattack on Universal Health Services (UHS), which runs approximately 400 hospitals and care centres across the US and UK, crippled its entire network, jeopardising healthcare for millions of people. The massive scale of the UHS attack made it one of the largest medical cyberattacks in US history.

The cost of cyberattacks in the healthcare sector is rising at an exponential rate

While it can be difficult to put exact numbers on individual attacks, a recent report estimates that the total cost of healthcare breaches has risen by almost 200 percent over the last three years, from around £3.4bn in 2018 to more than £9.5bn in 2020*. Additionally, the cost per breached record has grown from roughly £295 to over £360. When you consider that a typical breach involves hundreds of thousands of records, the cost of an attack can quickly reach astronomical levels.

Remote work is creating more new challenges for the healthcare sector

As with many other industries, the healthcare sector has also seen a huge shift to remote work over the past twelve months, causing additional problems. While frontline workers and hospital staff naturally must remain on-premises, many support and administrative staff have been working from home. Unfortunately, most healthcare IT security systems currently remain focused on on-premises security, which isn’t a good fit for remote working. As such, sensitive data becomes highly vulnerable once moved off-site.

How can organisations protect themselves more effectively?

So, what’s the solution? As is often the case, the answer lies in a combination of technology and education.

To better adapt to the ‘new normal of remote working, many organisations are looking to the cloud. However, as part of this, they also need to deploy a security solution specifically built for the task at hand. Such a solution must enable secure access to web and cloud services, block rampant threats like malware, prohibit data leakage, and enable adherence to compliance frameworks.

Secure access services edge (SASE), pronounced ‘sassy,’ refers to a comprehensive cloud security platform that delivers on this new way of working. SASE integrates cloud access security broker (CASB), zero-trust network access (ZTNA), and secure web gateway (SWG) technologies into a flexible platform designed to defend data wherever it goes.

SASE platforms allow enterprises to extend consistent security to all enterprise resources from a single control point. This enables the corporate security team to configure policies that secure software-as-a-service (SaaS) apps, control access to malicious web destinations, and prevent leakage in on-premises resources without the need for virtual private networks (VPNs). In other words, SASE replaces multiple disjointed point products, delivers significant cost savings, and provides the comprehensive security needed for a remote workforce in a cloud-first world.

In addition to the above technologies, education remains critical. Regular cybersecurity training for all employees offers CTOs and CISOs some of the best return on investment available. Even advanced cyber threats still frequently rely on basic methods to infiltrate their targets, such as phishing emails and social engineering. By conducting regular training sessions and educating employees to identify and avoid such schemes, healthcare organisations can save themselves huge headaches.

READ MORE: 

Whether they like it or not, healthcare organisations worldwide are in the eye of an increasingly dangerous cybersecurity storm. However, all is not lost just yet. With the right security tools and training techniques, the NHS and other healthcare providers can enjoy all the benefits that remote work and the cloud have to offer without needing to fear any impending attacks. Doing so will help ensure sensitive patient and operational data remains secure and help them provide the best quality of care possible in these unprecedented times.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Anurag Kahol

Anurag expedites technology direction and architecture. Anurag was director of engineering in Juniper Networks’ Security Business Unit before co-founding Bitglass. Anurag received a global education, earning an M.S. in computer science from Colorado State University, and a B.S. in computer science from the Motilal Nehru National Institute Of Technology.

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...