By Talal Shaikh, Associate Professor and Director of Undergraduate Studies, School of Mathematical and Computer Sciences, Heriot-Watt University Dubai
As far as data breaches and cyberattacks are concerned, 2020 was a record-breaking year for nearly all types of entities and businesses. Due to COVID-19, companies had an added constraint to defend themselves digitally. In a recent report, IBM revealed that the cost of data breaches had risen by nearly 10% between 2020 (USD 3.86 million) and 2021 (USD 4.24 million).
Healthcare facilities often lag in adopting strong cybersecurity protocols. In the healthcare sector, most data breaches are caused by staff, whether they are intentional or unintentional. This includes human errors such as sharing sensitive information with the wrong person.
A compromised IT system or other critical health device can have disastrous consequences for patients as well. Hence, healthcare providers should incorporate cybersecurity into their operational strategy and promote best security practices across all their departments.
Talal Shaikh, Associate Professor and Director of Undergraduate Studies at the School of Mathematical and Computer Sciences in Heriot-Watt University Dubai, discusses how and why CIOs and CISOs in healthcare organisations must adopt and ensure stronger security measures.
- Adopt encryption
A huge portion of the data transmitted by IoT devices is unencrypted, which presents a huge security risk to the healthcare sector. As a result, malicious actors have easy access to intercept the traffic and capture sensitive information such as health information. Medical information, including PHI, should therefore be encrypted when it is stored, processed, and shared.
- Deploy advanced security solutions
Installing antivirus and antimalware on all computing devices, including servers, endpoints, and network gateways is a given. In addition, firewalls should be installed on all devices connected to the internet and advanced security solutions (such as Network Intrusion Detection and Incident Response) should be implemented to prevent sophisticated cyberattacks, including lateral movement and APT attacks that are difficult to detect with simple security measures.
- Increase mobile device security
One of the most critical components of healthcare infrastructure is medical mobile devices. Vulnerable mobile devices enable hackers and cybercriminals to exploit and install malicious code to gain control of them. An infected mobile device can quickly lead to several mobile device security issues in healthcare, including the theft of crucial credentials for electronic medical records and hospital systems and the encryption of work-related files stored within external storage on the mobile device. Since medical professionals rely on mobile devices to collaborate, provide remote care, and to assist patients, it is imperative to enhance their device security.
- Implement Identity and Access Management (IAM) solutions
As healthcare organisations involve many stakeholders including doctors and nurses, patients, and others who access their systems and data, managing identities and access requires a well-thought-out IAM solution that tackles the various layers of complexities.
IAM should be the cornerstone of every healthcare provider’s IT infrastructure and security strategy as it allows access to network services and other resources securely. IAM allows users to store their credentials (password, access keys, biometric authentication information, temporary security credentials) in a secure, central location. It helps IT administrators to implement strong password security policies by creating, updating, and maintaining user credentials.
- Upskilling and training the security team
A highly skilled security workforce is the foundation of cyber readiness. As hackers become more audacious and the nature of threats rapidly evolve, the need and demand for cybersecurity talent has amplified as well. Hence, organisations faced with a skills shortage should take more deliberate steps involving upskilling and training needed to close the skills gap. CIOs and CISOs should focus on areas such as risk management and identification; cloud security; perimeter security (i.e., IDS and IPS); and cybersecurity automation when planning for training and upskilling opportunities.