CYBER SECURITY IN THE HEALTHCARE SECTOR: WHY IT'S A PRIORITY
Criminal operations are constantly increasing in both frequency and severity, with increasingly targeted attacks designed to maximize cybercrime profits.
The Covid-19 pandemic was a further aggravating factor: criminals did not miss the opportunity to exploit it as much as possible, compromising companies, organizations and institutions already strained by the management of the emergency.
Among the numerous targets, the healthcare sector is certainly the most worrying.
As we showed in the Clusit Report 2022, presented a few weeks ago at the Italian Security Summit, Healthcare has been the fourth most targeted sector by criminals since 2018, with an ever-increasing number of attacks (13% of the total cyber attacks in 2021).
This trend not only shows no signs of decreasing, but also seems to be getting worse.
So what are the priority interventions for the health sector to try to stem this situation?
- Mitigate vulnerabilities
The spread of IT and digital technology in the Healthcare sector has facilitated activities and contributed to more agile management across the entire sector.
At the same time, however, it has increased the risk of vulnerabilities such as:
- incorrect configurations
- missing patches or updates in operating systems and applications
- installation and/or design defects
- defects in the management of protocols and communications
It is a priority to carry out periodic checks (at least every 6 months) to identify these findings and mitigate them quickly.
Unlike in a normal company, a Vulnerability Assessment in a healthcare facility must be performed with the utmost caution to avoid interrupting activities.
In addition, it would be advisable to perform this check more frequently, so that issues are handled promptly.
- Verify the Cyber Security strategy
Resolving vulnerabilities is very important, but it is not the only measure.
It is in fact very important to verify the cybersecurity strategy chosen by the healthcare facility.
A good strategy must first of all include defensive solutions: these can include hardware products (such as firewalls), software (such as anti-malware products), and timely updating of systems and applications.
A robust, up-to-date and properly configured backup system is equally a priority: in the event of a ransomware infection, the backup could in fact be the only salvation.
Finally, it is also necessary to have a good disaster recovery plan because, even when the defensive solutions are adequate, the chance of suffering a cyber attack remains nonetheless.
In that case it is important to be prepared, so that the response is rapid and effective, with intervention priorities shared in advance and reviewed frequently.
- Cyber Security Awareness Training
Some types of cyber attacks are complex to recognize and not easily intercepted by software solutions such as anti-malware products.
These threats include, for example, Phishing, BEC (Business Email Compromise) scams and all types of online scams, which can have very serious consequences and induce victims to unknowingly carry out harmful actions, such as installing malware or providing information to criminals.
To try to stem this problem, it is useful to train staff to recognize the main threats and the most recent types of cyber attacks.
Cyber Security Awareness training is useful for this purpose and should be organized for employees, collaborators and company management at least once a year.
This is even more true for the healthcare sector, an important sector that, in addition to its systems, must also be able to protect our health data.