Cybercrime is ramping up, Russia is primed to attack: What can CISOs CIOs do?

Cyber ransomware attacks on hospitals will increase become more sophisticated, most healthcare cybersecurity experts contend. With President Biden warning just yesterday that private-sector organizations should be prepared for Russian cyberattacks as part of the country’s unprovoked war with Ukraine, the situation could only get worse.

In healthcare, many other issues are making cybersecurity more challenging: chronic staffing shortages, an increase in remote work rising complexity in maintaining the day-to-day cadence of IT operations.

Then there is the need for immutable back-ups. In cases of ransomware, too often the existing backups are infected along with the primary production environment. An immutable backup is essentially a standalone copy with separate security that is locked to prohibit edits. Hospital insurers may begin to require immutable backups, similar to the way multifactor authentication became a mandate.

On another front, healthcare has primarily invested in reactive security technologies. As the frequency of attacks becomes increasingly high, hospitals may need to consider moving away from the reactionary period in the market. Executives may need to proactively implement new technologies to help mitigate attacks.

Healthcare IT News sat down with Erik Littlejohn, CEO of CloudWave, to discuss these cybersecurity issues as well as cloud security issues.

Q. How will healthcare staffing shortages contribute to cyber ransomware attacks on hospitals increasing this year, potentially becoming more successful?

A. Chronic staffing shortages remote work are increasing security challenges. Many hospitals have not heavily invested in advanced software security tools, requiring a lot of manual processes physical eyes on threats. Add the Great Resignation the scarcity of local IT talent, you have a recipe for disaster.

Healthcare staffing shortages have resulted in a growing number of hospitals using outside agencies to bring in temporary staff, which opens IT systems up to human vulnerabilities. Additionally, most workflows have transitioned to self-service online tools with remote connectivity.

Increased turnover also means having to onboard off-board more frequently, requiring heightened diligence for security practices. Each individual needs to be aware of their impact. Many hospitals have IT resources that are single-threaded hard to replace. There may not be skill sets available in the geographic location where they are needed. The reality is that healthcare is competing with other industries companies that allow for remote work.

These factors many more are contributing to increasing cyber ransomware attacks on hospitals in 2022.

Q. What is an immutable back-up how can it help with cyberattacks?

A. An immutable backup is an extra standalone copy with its own distinct security protocols, locked to prevent encryption, edits deletes. It adds “air gapping,” meaning the protected extra copy is separated from the rest of the data storage IT environment, particularly from the domain structure, for an extra layer of insurance.

Health IT administrators were previously concerned with hardening copy one it was acceptable if copy two was just “OK.” In today’s environment, where data is both growing exponentially in volume more critical than ever to powering healthcare, a solid third option is needed that is restorable clean.

In addition, we’re seeing malicious actors specifically targeting backup infrastructure in their attacks, because they know a valid backup is the best way to foil their plans to disrupt operations extort ransom. Immutable backups provide a solution to these challenges.

Therefore, if a catastrophic event occurs, where a healthcare organization’s primary secondary data centers are corrupted, this third copy – the immutable backup – can be restored much more quickly than working around corrupted primary secondary copies.

This becomes a critical element in recovering from a ransomware attack as the restoration of the immutable backup is done without needing to pay the ransom. Therefore, we are seeing more more hospitals their insurers require immutable backups.

Q. You suggest that healthcare provider organizations must move from reactive to proactive technology investments. Please explain.

A. As the frequency of attacks is becoming so high, many hospitals are moving away from the reactionary period. Executives now need to proactively implement new technologies to help mitigate attacks keep up with evolving threats.

For example, new solutions use AI to be more predictive are faster to respond to emerging threats. Modern security technologies can also help offset staffing shortages, flag what is important to focus on as the current frequency of incidents alerts can create a lot of “noise.”

With a highly remote workforce, the problem is significantly more complex, as there are hundreds of locations personal networks involved, rather than just the “four walls” of a hospital environment.

Older investments are simply no longer cutting it. For example, shutting off access after multiple password attempts is not effective, because bad actors are not trying to figure out what the password is. They already have it. It’s like buying a new lock when the cybercriminals have the key.

Another trend that is driving hospitals to be more proactive in technology investments, particularly related to security, is that insurance companies are taking a deeper look at process procedure.

Q. Many hospital CIOs are determining the post-pandemic operating model looking at how cloud technology can help manage that. What does this mean for cybersecurity cyberattacks?

A. The cloud brings cybersecurity advancements that individual hospitals may not be able to invest in independently. This scalability of the cloud is an important benefit.

The pandemic broadly taught us that the just-in-time world was too fine-tuned. Today in the future, many industries will need “burst” capacity, regardless of supply chain. If something on the scale of the COVID-19 pandemic were to happen again – where increased capacity of remote connectivity becomes critical – successful organizations will be expected to adapt on the fly.

Most of us didn’t value think about IT flexibility that much in the past. However, organizations simply need more flexibility to deal with the nature of the world today.

They must prepare for future resiliency, plan ahead for network capacity, bandwidth, hardening assets critical resources, because everyone is going to be chasing the same things. The cloud helps provide scalability flexibility.

Resiliency used to mean hardening, but now it means more flexibility. Prolonged workflows on backup – like paper pen – are not going to work. Healthcare IT leaders need to focus on speed agility to recover restore normal operations, the cloud is a huge asset for enabling that.

Another area to focus on in the future is the IT supply chain. It’s important to evaluate potential vendors products for vulnerabilities. An example of this is the recent SolarWinds event. Supply chain risks third-party risk-management are big topics to address across the board in the coming years.

Twitter: @SiwickiHealthIT
Email the writer: [email protected]
Healthcare IT News is a HIMSS Media publication.

Source link