by Subbu Iyer
Over the past few years, healthcare systems have taken giant leaps of change. From manual processes of yesteryear to modern ones, Tech-enabled operations – It sure has been quite a journey. While automation and enhanced connectivity have been a boon to modern healthcare, they have also made systems more vulnerable to cyber attacks. composition of Internet of Medical Things (IoMT) extends connectivity across clinical, operational technology and information technology environments, tying them together into a connected ecosystem.
However, it is this same connected ecosystem that presents greater risks to systems with exploitable vulnerabilities. The complexities of converging medical and tech environments often leave access points inadequately secured, resulting in Malware infection and loss of valuable data. Supply chain or third-party software vulnerabilities pose a critical challenge for healthcare organizations because the onus is on external vendors to inform them of potential threats. Despite many vendors working on providing enhanced security, some organizations still move forward with insecure legacy devices due to their longevity.
End users often choose to disable security Specialty Placed by device manufacturers to have easy access. What they often fail to realize is that such software vulnerabilities make healthcare organizations easy targets for cybercriminals, who are constantly on the lookout for weak security measures that can be used to steal or, in worst cases, wipe valuable data from systems. In light of these factors, it is not surprising that cyber attacks are expected to increase by 71 percent in 2021. However, such attacks can be avoided by adopting these three best practices to ensure the security of complex healthcare environments.
1. Greater focus on visibility
Cybersecurity frameworks (CSFs) often mandate inventory and asset management. The primary reason behind this is that one cannot protect what one does not know exists. Medical devices as well as other sensitive physical security systems are often connected to networks without proper change controls being followed by end users, allowing risk factors to slip under the noses of network and security teams. This type of visibility requires knowledge of all users and devices in an organization, as well as a deep understanding of how these devices are interconnected and what types of software (or third-party software) are running on these devices. This lack of visibility can lead to blind spots on the discovery of new vulnerabilities. An imperative aspect of visibility is insight into legacy devices and operating systems, as they are inherently vulnerable. Many medical device manufacturers often avoid patching these legacy devices for fear of triggering a difficult FDA review. However, more focus on visibility should be adopted as a standard.2. Segmenting network
In the labyrinth of connected networks, it becomes imperative to segment them to prevent unauthorized access between them. Multiple approaches can be taken to this including air-gapped networks and demilitarized zones (DMZ) between IT, clinical and OT networks. Contrary to what most healthcare organizations believe, networks are not air-gapped, most of them exist in a state of hyper-connection to facilitate fast communication. While isolating IT devices from clinical systems can be extremely difficult because they block the communication channels necessary for patient care, access can be limited to trusted assets only. Appropriate zone and access policies can be formulated based on that, as network flow mapping also helps identify unwanted external communications, which may expose sensitive medical information.
3. Steering away from common misalignments
A seemingly harmless misalignment can cost a healthcare organization dearly. User accounts, devices and network communication protocols operating on mismatched credentials are easy targets for cybercriminals, as they enable their attacks to infiltrate systems without triggering any alarms. By identifying their insecure and encrypted protocols in network flow mapping, healthcare organizations can replace them with encrypted protocols such as TLS or SSL. While legacy systems may not come up with the right design that enables secure protocols, it only reiterates the importance of following secure practices throughout the rest of the network.
Securing healthcare systems is a continuous process. It is a complete cycle in itself – it starts with gaining visibility into networks, devices and users, moves to implementing network segmentation to prevent unauthorized access, and ends with ensuring that no vulnerabilities exist in the form of misconfigurations or errors. not Through these safe practices, healthcare organizations can help bridge the security gap that exists between their legacy devices and IoMT-enabled modern systems, bringing healthcare closer to the future.
Subbu Iyer, Regional Director for India and SAARC at Forescout
(Disclaimer: The views expressed are solely those of the author and not necessarily subscribed to by ETHealthworld. ETHealthworld.com shall not be responsible for any loss caused to any person/organization directly or indirectly.)
