
Cybersecurity in health care.
The risks, impacts, and numbers of a troubling phenomenon

 

Even in 2023, cyber incidents affecting our country have not stopped. Network security is now on the agenda for companies of all sectors and sizes.
As recent data from Politecnico di Milano’s Cybersecurity & Data Observatory point out, an average of 207 serious attacks per month occurred in Italy in 2022.
Those in the “cybercrime” category, i.e., with the purpose of extortion in any of its forms, account for as many as 82 percent of the total serious breaches; these two numbers alone describe the phenomenon.
The Observatory reports that in 2022, for the second year in a row, there was strong growth in organizations increasing their budgets for cybersecurity solutions, an indication of better awareness of the issue, and especially of the consequences that an attack can have for the business.
At the international level, Clusit notes that Italy is seeing a slightly increasing ratio of cybersecurity spending to GDP, after increased investments driven by the PNRR.
We are close to 0.10 percent, against a ratio of 0.31 percent for the countries in the first tier, the United States and the United Kingdom.

A scenario in the making

The events that have marked the past two years have only exacerbated an already pandemic-stressed security environment.
Factors that increase exposure to cyber risks are diverse.
These include the strategic corporate supply chain, exposure to the current geopolitical environment, and possession of sensitive and valuable data.
Going into the specifics of this last point, the healthcare context cannot be overlooked.
In recent years, the health sector has undergone a profound transformation.
The pandemic has forced companies to identify new digital-first ways to serve their customers and to adopt tools capable of ensuring long-term operations in the face of other crises.
A KPMG study found that 63 percent of companies in healthcare are making progress on their digital transformation journey compared to 44 percent of those in other industries.
This shift has led to the rise of telemedicine services and increased adoption of SaaS partners, IoT devices and digital infrastructure.
Because of this, the healthcare sector has faced new and previously unknown risks and attacks.

Data to be defended

KPMG highlights how, globally, healthcare organizations have seen an unprecedented increase in the volume of cyber attacks, up 69 percent from a year ago.
The challenge for 2023 is to figure out how to adapt to a post-pandemic world that includes this new digital transformation, addressing new threats that now target everyone.
Balancing digital initiatives with cybersecurity therefore becomes a diktat within a comprehensive risk management and resilience strategy.
It is no coincidence that even the funds allocated by the NRP in health care encourage a turnaround, expanding the technological resources available, without neglecting security.
Tools such as telemedicine for the management of chronic patients and real-time monitoring are pivotal innovations, and their adoption must be combined with suitable measures to protect the IT perimeter of the companies and institutions concerned.
The Ponemon Institute’s latest report “The cost and impact on patient safety and care” draws a clear picture.
Ponemon surveyed more than 640 IT professionals in the healthcare industry globally who are responsible for cybersecurity strategies and initiatives.
According to the researchers, 89 percent of the organizations surveyed had faced at least one attack in the previous 12 months.
The average, however, is the most concerning figure: 43 intrusion attempts over the course of 2022.
Based on the responses, the report states that the average total cost of dealing with a cyberattack was $4.4 million, including legal assistance and loss of customers.
Ponemon also identifies the four types of attacks that primarily affect the healthcare industry: cloud compromise, ransomware, supply chain, and business email compromise (BEC).
Seventy-five percent of respondents say their organizations are vulnerable to a cloud compromise, and 54 percent say they have experienced at least one in the past two years.
However, in addition to being most vulnerable here, these organizations are also most prepared to deal with this type of breach, with 63 percent having taken steps to prepare for and respond to cyberattacks on the cloud.
Ransomware is the second-largest vulnerability.
Seventy-two percent of respondents believe their organizations are vulnerable to a ransomware attack, and 60 percent say this is the type of attack of greatest concern.
To address this fragility, 62% have taken steps to prevent and respond to ransomware over the past few years.
Poor preparedness puts patients at risk.
Although 71% of participants believe they are vulnerable to supply chain attacks and 64% think the same of BEC and spoofing phishing, only 44% and 48% respectively have a documented response against these types of intrusions.

Technologies to defend

Innovation in healthcare also needs to be governed, avoiding integration for its own sake, which can bring more risk than benefit.
Per Ponemon, 64 percent of IT managers say they are concerned about the security of devices using Internet of Medical Things (IoMT) connections in their centers, yet only 51 percent include such tools in their cybersecurity strategy.
Then there is the issue of skills.
Fifty-three percent of survey respondents say a lack of in-house skills is a very complicated challenge to address, with 46 percent not having enough staff to manage cyber risk.
Among possible countermeasures, monitoring employees to avoid carelessness or negligence comes to the fore.
What countermeasures to take?
Let’s take a look at the infographics.
As part of security strategies, 60 percent of respondents say their organizations use threat intelligence.
Among the threat intelligence tools used to secure healthcare, network traffic monitoring is at the top of the list.
Next come the use of firewalls and scouting the dark web for data.
Social media is also an essential source of monitoring, including for implementing policies that prevent the dissemination of data or information useful in perpetrating phishing campaigns.


The technologies most widely used by organizations are those that, in a simple way, allow them to monitor outgoing and incoming traffic, such as firewalls and antivirus and antimalware solutions.
One innovation that is making its way into companies large and small is identity management combined with two-factor authentication, which strengthens the defense of networks.

 

Then there is also the structure of the company and the processes implemented when it comes to “communicating” an incident.
As shown below, 21 percent of respondents report back to the CIO, 19 percent to the CISO, and 12 percent to the cloud project manager.
Only 10% communicate with those who manage contracts with the data center vendor and 9% with the compliance department.

 

It is clear that the healthcare field has yet to consolidate clear cybersecurity guidelines into its processes.
The consequences, according to managers themselves, can still be disastrous.
Ransomware can bring a hospital’s operations to a halt for days, slowing operations and endangering people’s very lives.
Intrusion into connected devices can cause even greater damage, linked directly to the safety of patients.
Rethinking one’s defenses is therefore not an option but a necessity, in a world that is hyperconnected and still extremely fragile if not properly protected.