eHealthNews.nz: Sector

Why cyber resilience must be a top priority for New Zealand healthcare organisations

Monday, 6 November 2023  

FEATURE - Industry Innovation Article - Steven Woodhouse, field chief information security officer, Australia and New Zealand, Fortinet

As an industry, healthcare generates, uses, and stores extremely valuable personal data. It also relies on technology to treat patients and, in emergency situations, keep them alive. However, despite this reliance, the healthcare sector has lagged behind other industries in terms of updating systems and cybersecurity protocols. This has made the sector the ideal target for ransomware attacks: outdated systems make it easier for threat actors to breach security, while the urgency to keep systems online and to protect sensitive data means healthcare providers are more likely to pay ransom demands.

The average healthcare breach now costs US$10.1 million, and research by Verizon has identified the healthcare sector as having the highest risk from insider threats. Two factors driving this trend are the increased value of medical information on the dark web and the considerable turnover in administrative positions in the industry.

The latest Fortinet Global Threat Landscape Report highlights that the ransomware rollercoaster continued globally throughout the first half of 2023, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections. Fewer organisations successfully detected ransomware during this period (13 per cent) compared to this time five years ago (22 per cent), reaffirming that ransomware is also becoming more sophisticated and targeted. While attacks targeting industrial control systems (ICS) and operational technologies (OT) didn’t occur at high volume when compared against the percentage of all exploit detections, these still trended up over the first half of 2023.

The growing attack surface of healthcare providers adds to the vulnerability they face. According to a report by market intelligence firm SkyQuest, the Internet of Medical Things (IoMT) market across the Asia Pacific region is projected to expand at a compound annual growth rate of 20 per cent by 2030 as the demand for remote healthcare solutions and patient monitoring, wearable medical devices, and the ability to access data from a range of devices continues to skyrocket. These devices all connect to healthcare networks through the internet, creating vulnerabilities that did not previously exist.

The convergence of IoMT and OT with information technology (IT) systems has also created a complex environment that requires evolving security solutions. OT systems are responsible for monitoring events, processes, and devices, and making adjustments in patient care and healthcare operations, while IT systems are used for data-centric computing.

These two worlds have traditionally operated independently and have relied on oversight from business staff with different skill sets. However, IoMT devices and big data analytics have completely changed the game. The convergence of IT and OT increases the effectiveness of the entire healthcare sector; however, it also introduces new risks that threat actors are all too willing to exploit.

Digital transformation in the healthcare sector
Digital transformation in healthcare is being accelerated by multiple key factors, beginning with market forces and government policies resulting in the consolidation of the healthcare industry. In addition to mergers and acquisitions, many entities form deep partnerships with other organisations, which results in fragmented infrastructures, an increased attack surface, and poor visibility across the network.

This is happening in parallel to technology facilitating advances in healthcare and connected medical devices playing a crucial role in that transformation. Medical providers participate in a complex web of affiliated and unaffiliated clinics, hospitals, research sites, insurance carriers, and their on-site and remote workers.

From the paper-driven processes of a few short years ago in which patient files were stored manually in hardcopy only and paper-based prescriptions were hand-delivered to pharmacies, today’s healthcare system is driven by electronic records stored across thousands of servers and accessed by even more devices.

Complexities are exploding as servers and devices virtualise and move about at will between data centres and clouds, creating a far more dynamic environment to secure, even as artificial intelligence (AI) and machine learning (ML) create greater visibility, improved collaboration, and vast amounts of data.

Data and users are everywhere, connecting a growing number of devices to networks through the cloud. Securing them is a critical priority. Unfortunately, the vast number of distinct device types complicates this task.

Compliance also continues to become increasingly complex, and emerging trends like embedded medical devices will change cybersecurity needs.

Addressing key healthcare sector IT and OT challenges
Faced with increasingly digitised operations and a reliance on network connectivity, data, and devices, the healthcare industry’s ability to mitigate operational disruptions through optimising networks and increasing security is paramount.

There are a number of core areas that must be addressed to ensure cyber resilience:

  • Network latency: encryption of Electronic Protected Health Information (ePHI) is necessary for regulatory compliance; however, it impacts the availability of data for patient care.
  • Data integrity: incorrect or incomplete medical data can impact patient health and cause clinical risk.
  • Operational efficiency: digital innovations secured by point products create silos that impair operational efficiency.
  • Physical distribution of sites and partners: sprawling healthcare organisations must monitor and secure ePHI flowing across their networks.
  • Cost: as insurance and government reimbursement program payments decline, healthcare providers must operate with tighter budgets.
  • Compliance reporting: operators in the healthcare sector must protect a variety of sensitive data in accordance with a patchwork of privacy laws and regulations.
  • Securing OT: most ICS lack security by design and are sensitive to change.

Build cyber resilience by minimising disruptions
Digital transformation requires secure access and data sharing across the environment, with a zero trust architecture as the foundation of security, and synergistically managed OT and IT networks in a converged security operations centre (SOC). Critically, AI-powered security services make it easier to stay ahead of evolving threats.

The healthcare sector needs to enhance visibility and control to reinforce cyber resilience. This will assist healthcare providers to manage cyber incidents with minimal operational disruptions to the organisation.

To learn more about building cyber resilience in healthcare, and to understand how Fortinet can help your organisation in this journey, visit https://global.fortinet.com/apac-lp-nz-healthcare-ctap-offer. Should you have any queries or require further information, feel free to contact us at anzmarketing@fortinet.com.

 


If you would like to provide feedback on the above feature article please contact the editor Rebecca McBeth.
