Ransomware has been a concern in healthcare for several years, with the number of bad actors growing.
Unfortunately, adversaries have become much more sophisticated, and ransomware threats now represent a genuine threat to patient care.
During a recent webinar with Becker's Hospital Review sponsored by Fortinet, Troy Ament, chief information security officer for healthcare at Fortinet, a security management company, discussed the cybersecurity landscape and how health systems can protect themselves.
Five key takeaways:
1. A strong cybersecurity posture begins with a portfolio of foundational tools. "When we partner with health systems, we seek to understand where they are in their security journey," Mr. Ament explained. "Many times, data breaches, as well as ransomware and phishing attacks, occur because foundational practices aren't in place. Systems can't be compromised unless vulnerabilities exist." Healthcare organizations need strong vulnerability management, which includes visibility into necessary patches.
Other important tools include identity and access management controls. "Once employees lose their credentials, threat actors can gain access to systems. Through targeted attacks, they can obtain more sophisticated access and spread ransomware internally," Mr. Ament said. Multi factor authentication is also crucial — across not just email and remote system access but also patient and physician portals.
2. The shift to virtual care and working from home has created additional security vulnerabilities. Adversaries know that employees in functions like revenue cycle, accounting and IT often have privileged system access. During the pandemic, these individuals were likely to be working from home. Telehealth is also a security concern, since patient data on virtual visit platforms needs protection. According to Mr. Ament, "When work shifted to the home setting, some healthcare organizations did so securely, adopting technologies like [a software-defined wide-area network] and multifactor authentication. Many didn't, however. Adversaries are pivoting their attention to employees working from home, and they're targeting that group."
3. IT teams must educate the C-suite about cybersecurity risks. It's valuable to pair IT leaders with the CEO or COO of a health system that's had a significant cybersecurity breach. "Doing tabletop exercises with executives who have managed through a bad security situation can be really helpful," Mr. Ament said.
4. Healthcare organizations must develop strategies to close the cybersecurity talent gap. IT needs to partner with HR and deploy an employee life cycle plan. "As you recruit new talent, make sure they have opportunities to grow. Training is very important," Mr. Ament noted. Other best practices include offering competitive salaries and a flexible work-from-home policy. To strengthen the cybersecurity talent pipeline, it's often productive to visit large universities with cybersecurity programs. "Bring pizza and tell the up-and-coming talent what you're doing in your program," Mr. Ament said.
5. Consulting partnerships are a proven way to improve an organization's security posture. Many health systems are working with managed security providers like Fortinet. "We have over 10,000 cybersecurity professionals to ensure that client systems are safe. We manage security operations centers and endpoint solutions. We can also provide long-term staff augmentation for security operations center work," Mr. Ament said.
Once healthcare organizations have developed a cybersecurity playbook, they can turn to automation tools, data mining with machine learning and artificial intelligence, and deception tools to block attackers in their tracks. "It's important to recognize that cyberattacks are a real threat to your patient care, revenue streams and brand reputation," Mr. Ament said.
To register for upcoming webinars, click here.