Cybersecurity will continue to be a top priority for hospitals and healthcare organizations in 2018. The increasing number of sophisticated attacks against health groups is putting CIOs and IT professionals on high alert. The ever-changing tactics used by attackers require everyone to adopt new and improved cybersecurity best practices, along with intelligent healthcare cybersecurity technology to keep patient data protected.
While end-user training and awareness are critical areas that continue to demand attention, there are several important steps that IT folks must address to ensure they're prepared to handle the changing threats lurking outside their environment. These healthcare cybersecurity best practices will help CIOs, CISOs and other security professionals to protect patient data and keep their environments safe from cyberattackers.
Get to know the network in depth. To implement the appropriate defenses and security protections, IT teams must ensure that they have an in-depth understanding of their network and attack surface. That understanding exposes the areas attackers are likely to target and allows hospital IT to identify potential vulnerabilities. A hospital environment contains several devices and entry points, and each one needs to be covered by cybersecurity best practices. Many tools, including Nmap, Netcat, Metasploit, Wireshark and NetworkMiner, can help create an inventory of a hospital's internet of things and mobile computing devices.
Adopt strong multifactor authentication. One of the more common healthcare cybersecurity practices is to require employees to use multifactor authentication (MFA) when connecting to hospital applications and systems. This practice ensures that leaked or stolen user credentials can't be used on their own to gain access to internal systems. MFA blocks many attacks resulting from stolen credentials by requiring users to present additional information to confirm their identity. MFA methods include tokens, biometric methods and codes sent via text, email or voice.
Implement elevated privilege control. Security threats don't always come from the outside. In some documented security breaches, contractors or employees with elevated access have been the cause of leaked information. Administrators or contractors with elevated privileges present a logistical problem for hospitals since they often require more elevated forms of permission to do their work. As a result, a balanced approach that includes monitoring, temporary elevated access and audit trails ensures that adequate controls are in place for protection against these internal threats.
Adopt modern AI-based monitoring tools. Traditional security information and event management (SIEM) tools that simply monitor logs are no longer sufficient. Given the volume of information and the sophistication of today's attacks, malicious activity can easily go unnoticed by many of these traditional tools. Hospitals should adopt modern SIEM tools that use artificial intelligence and machine learning to analyze all the security events and traffic on a network and detect abnormal activities within the hospital environment.
Perform a thorough disaster recovery review. While hospitals continue to put safeguards in place to keep attackers at bay, it's critical that they be fully prepared if an attack requires restoring systems. CIOs acknowledge that their goal is to be attack-free, but there's still a chance that hospitals can fall victim to an attack despite their best security efforts. If that happens, their disaster recovery and business continuity plans must be available and ready to be implemented.
CIOs and IT professionals in healthcare organizations recognize the importance of adapting their healthcare cybersecurity best practices in the face of constantly changing cyberthreats. Hospitals may not be fully prepared for the increasing volume of attacks, especially as attackers look to AI to increase their attack success rate. Fortunately, hospitals look to AI when it comes to fighting back -- and 2018 will certainly have its fair share of attacks.