www.helpnetsecurity.com Open in urlscan Pro
54.190.64.132  Public Scan

Form analysis
1 forms found in the DOM

POST

<form id="mc4wp-form-1" class="mc4wp-form mc4wp-form-244483 mc4wp-ajax" method="post" data-id="244483" data-name="Footer newsletter form">
  <div class="mc4wp-form-fields">
    <div class="hns-newsletter">
      <div class="hns-newsletter__top">
        <div class="container">
          <div class="hns-newsletter__wrapper">
            <div class="hns-newsletter__title">
              <i>
                        <svg class="hic">
                            <use xlink:href="#hic-plus"></use>
                        </svg>
                    </i>
              <span>Cybersecurity news</span>
            </div>
          </div>
        </div>
      </div>
      <div class="hns-newsletter__bottom">
        <div class="container">
          <div class="hns-newsletter__wrapper">
            <div class="hns-newsletter__body">
              <div class="row">
                <div class="col">
                  <div class="form-check form-control-lg">
                    <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="520ac2f639" id="mcs1">
                    <label class="form-check-label text-nowrap" for="mcs1">Daily Newsletter</label>
                  </div>
                </div>
                <div class="col">
                  <div class="form-check form-control-lg">
                    <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="d2d471aafa" id="mcs2">
                    <label class="form-check-label text-nowrap" for="mcs2">Weekly Newsletter</label>
                  </div>
                </div>
              </div>
            </div>
            <div class="form-check form-control-lg mb-3">
              <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="28abe5d9ef" id="mcs3">
              <label class="form-check-label" for="mcs3">(IN)SECURE - monthly newsletter with top articles</label>
            </div>
            <div class="input-group mb-3">
              <input type="email" name="email" id="email" class="form-control border-dark" placeholder="Please enter your e-mail address" aria-label="Please enter your e-mail address" aria-describedby="hns-newsletter-submit-btn" required="">
              <button class="btn btn-dark rounded-0" type="submit" id="hns-newsletter-submit-btn">Subscribe</button>
            </div>
            <div class="form-check">
              <input class="form-check-input" type="checkbox" name="AGREE_TO_TERMS" value="1" id="mcs4" required="">
              <label class="form-check-label" for="mcs4">
                <span>I have read and agree to the <a href="https://www.helpnetsecurity.com/newsletter/" target="_blank" rel="noopener" class="d-inline-block">terms &amp; conditions</a>
                </span>
              </label>
            </div>
          </div>
        </div>
      </div>
    </div>
  </div><label style="display: none !important;">Leave this field empty if you're human: <input type="text" name="_mc4wp_honeypot" value="" tabindex="-1" autocomplete="off"></label><input type="hidden" name="_mc4wp_timestamp"
    value="1699927873"><input type="hidden" name="_mc4wp_form_id" value="244483"><input type="hidden" name="_mc4wp_form_element_id" value="mc4wp-form-1">
  <div class="mc4wp-response"></div>
</form>

Text Content

 * News
 * Features
 * Expert analysis
 * Videos
 * Events
 * Whitepapers
 * Industry news
 * Product showcase
 * Newsletters

 * 
 * 
 * 


Please turn on your JavaScript for this page to function normally.
Mirko Zorz, Director of Content, Help Net Security
November 13, 2023
Share


THE REAL COST OF HEALTHCARE CYBERSECURITY BREACHES



With each step towards digitalization, from cloud computing to electronic
records, the healthcare sector faces mounting risks that threaten not just the
privacy but the very wellbeing of patients.

In this Help Net Security interview, Taylor Lehmann, Director, Office of the
CISO, Google Cloud, discusses the critical conversation surrounding the ethical
and legal responsibilities that healthcare providers must navigate in the wake
of a data breach. He explores the severe implications of cyber threats that go
far beyond financial loss, potentially endangering lives and eroding public
trust in healthcare systems.

Lehmann also shines a light on the operational repercussions of cyberattacks,
the transformative impact of cloud technology on health data security, and the
measures necessary to bolster defenses against these evolving threats.



CAN YOU DISCUSS THE ETHICAL AND LEGAL IMPLICATIONS FOR HEALTHCARE PROVIDERS IN
THE EVENT OF A DATA BREACH?

Historically weak protections for sensitive, valuable data and hard-to-secure
legacy technology have made healthcare an easy, appealing target for attackers.
The impact of cyber breaches in this industry can have serious repercussions for
individuals, in large part because of the sensitive personal and health data
they collect and store, and the fact that many systems used in a care setting
directly support the safety of medical procedures and sustain life.

Healthcare providers are in a unique position as compared to other industries –
they have an ethical and legal obligation to protect patient data and safeguard
patient care from cyber threats. Healthcare delivery is the one of very few
industries where there is a direct connection between security, resilience, and
the safety of human life.

In one instance, a health system temporarily diverted ambulances and shut down
its IT systems to restore its network following a cyberattack. Under varying
circumstances, threat actors could have stolen passwords, medical records,
social security numbers, or other personally identifiable information.

On the legal front, healthcare providers are subject to an intricate web of data
protection laws and regulations, such as HIPAA in the United States or GDPR in
the EU. Non-compliance with these regulations can lead to hefty criminal and
civil fines and penalties for organizations. Lawsuits from breach victims
seeking damages for medical identity theft, financial losses, potential loss of
life, and emotional distress can also have a substantial legal, financial, and
reputational impact.

OPERATIONAL IMPACTS DUE TO CYBER ATTACKS ARE AFFECTING PATIENT SAFETY. COULD YOU
GIVE SOME EXAMPLES OF HOW THESE ATTACKS ARE IMPACTING HEALTHCARE DELIVERY?

Cyber attacks against healthcare and life sciences institutions can directly
affect a patient’s well-being. In addition to the financial loss that can occur,
cyber attacks can disrupt operations, damage reputations, and even threaten
public health. For example, a ransomware attack on a pharmaceutical company
could delay the release of a new drug, which could have a serious impact on
patients who need it.

While there has yet to be a definitive patient fatality due to a cyber attack,
CISA found that successful ransomware attacks in 2020-2021 on hospitals reduced
their ability to care for patients. In June, St. Margaret’s Health, the only
hospital in the small, rural community of Spring Valley, Illinois, permanently
closed its doors, in part because of the insurmountable costs to restore
hospital services following a 2021 ransomware attack.

To put it gently, the trendlines are not in our favor. While St. Margaret’s
Health is the first healthcare facility to cite a cyber attack as one (of a few)
reasons to permanently cease operations; indicators say that it is unlikely to
be the last. In 2022, we saw an increasing number of alleged deaths due to cyber
attacks against hospitals.

The effects of this are insurmountable. A hospital closing its doors could
directly impact residents’ ability to get critical care.

Threat actors know that our health systems are vulnerable, and they don’t care
about hurting the vulnerable people they treat. To put an end to the growing,
existential threat that healthcare faces, it will take creativity, innovation,
partnership, and a willingness to change the current state of IT security and
risk management in healthcare.

HOW HAS THE TRANSITION TO CLOUD COMPUTING CHANGED THE CYBERSECURITY LANDSCAPE
FOR HEALTHCARE ORGANIZATIONS?

Public clouds can play an important role in helping healthcare and life sciences
organizations become more secure. Forrester recently found that organizations
are increasingly investing in cloud technologies as cloud providers have
improved their security. The inherent, better security in the cloud, combined
with regulatory motivation and widespread community efforts, can allow
healthcare providers to scale their IT infrastructure to meet growing demands
quickly.

That said, one poorly managed credential in the cloud could make all the
difference in how a day in the life of a healthcare organization is going to go.
Managing this growing surface area by performing proper cloud deployment and
upkeep will continue to be a challenge for healthcare organizations in the
foreseeable future – but is critical and will have a strong ROI in the long run,
if done correctly. Over the last quarter, Google Cloud data shows that over half
of all initial access attacks on the cloud came from users having weak or no
passwords across all industries. Once attackers are in they deploy ransomware
and also increasingly extort data to destroy, sell or use as leverage to compel
a response or payment of some type.

WHAT MEASURES ARE HEALTHCARE ENTITIES IMPLEMENTING TO SAFEGUARD THEIR
CLOUD-STORED DATA, AND WHERE DO YOU SEE ROOM FOR IMPROVEMENT?

Healthcare organizations should continue to improve their identity and access
management (IAM) systems to ensure user credentials are defined, set up, and
monitored. This will help reduce the likelihood of credential theft by providing
security teams with an early warning of suspicious activity. Organizations
should use multifactor authentication (MFA) to ensure that credentials that are
stolen and not detected by their IAM protocols do not lead to breaches.

Additionally, passkeys are increasingly a great tool to help reduce the
likelihood of credential theft by requiring a user to have a physical device
like a cellphone, not just login credentials to get into the system.
Continuously assessing and reducing access for users and services to the minimum
necessary and providing just-in-time access to highly sensitive resources will
help keep organization’s running safely.

Healthcare institutions must focus on security hygiene, including cloud
security, and educating their entire workforce on cyber threats. Otherwise,
these organizations can fall victim to these relatively common – and preventable
– cyber attacks.

GIVEN THAT A SIGNIFICANT PERCENTAGE OF HEALTHCARE ORGANIZATIONS PLAN TO ADOPT
CLOUD TECHNOLOGIES SOON, WHAT ARE THE TOP CYBERSECURITY CONSIDERATIONS THEY
SHOULD CONSIDER?

1. Build guardrails into your environment and personnel training to ensure
everyone practices good cloud hygiene, which should be monitored and enforced.

2. Effective and robust authentication tools should be used across the
organization, and specifically, MFA should be set up for key resources to ensure
that stolen credentials do not lead to proper, sufficient authentication.
Workspace administrators should also implement appropriate session expiration
for key cloud services to help mitigate threats like “real-time” data access.

3. Maintain data backups, and test business continuity capabilities, to
successfully recover production environments from ransomware, data deletion, and
related attacks. Keep backup data isolated. For critical data, keep offline
backups for additional redundancy. Periodically test system resiliency by
performing “whiteboard” or live business continuity tests to ensure
infrastructure destruction or similar attacks don’t affect production services.

4. Run regular vulnerability scans against cloud instances and perform
penetration testing against key cloud-hosted web applications. Patch any
identified vulnerabilities in native services, third-party software, and web
apps in a timely fashion.

5. Extend detection and response platforms to cover more systems where critical
services are being provided before attackers can take action following a
successful compromise.

6. Leverage machine learning and artificial intelligence to move faster and more
confidently in defending one’s organization.

ARE CURRENT HEALTHCARE CYBERSECURITY POLICIES AND REGULATIONS SUFFICIENT TO
TACKLE CYBERSECURITY CHALLENGES, OR IS THERE A NEED FOR NEW FRAMEWORKS?

We’re seeing a shift as many have realized protecting the confidentiality of
sensitive information isn’t enough to keep organization’s and their customers
safe. While well intentioned, healthcare security laws and regulations haven’t
kept pace with the rate organization’s consume new technologies and attackers
discover ways to affect them. Many new laws and regulations are being proposed
to address some of the concerns voiced by the healthcare security community,
including those that seek to increase the amount of security threat intelligence
that is being shared, drive adoption of new security models like zero trust,
improve the security of supply chains for software and data, and others.

Encouragingly, we are also seeing shifts in regulatory attention to include
safety as a critical outcome of these efforts. For example, the Omnibus
Appropriations Act of 2023 includes two significant provisions related to the
security of connected medical devices, including a new Federal Drug
Administration requirement that connected medical devices be cyber secure and
stay that way once they enter the market. Failure to do so would allow the FDA
to apply enforcement and prevent these devices from reaching the market. The EU
has similar regulations.

In addition, the FDA signaled in its draft Computer Software Assurance model
last year that a risk-based approach to managing quality, security, and safety
of medical devices was coming. The guidance made it clear that security,
alongside safety and quality, must be considered in the design and
implementation of these systems.

These regulations are a strong starting point towards creating a safer and more
secure and resilient healthcare system in the US and as others adopt similar
measures internationally – but these regulatory efforts must be coupled with
industry collaboration and information sharing to drive impactful, lasting
change.





More about
 * CISO
 * cybersecurity
 * data breach
 * Google
 * Google Cloud
 * healthcare
 * opinion
 * strategy
 * tips

Share


FEATURED NEWS

 * Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new
   industry standard
 * Success eludes the International Counter Ransomware Initiative
 * The real cost of healthcare cybersecurity breaches

Download: The Ultimate Guide to the CISSP



SPONSORED

 * eBook: Keeping Active Directory out of hackers’ cross-hairs
 * eBook: Cybersecurity career hacks for newcomers
 * Guide: SaaS Offboarding Checklist




DON'T MISS

 * Sumo Logic discloses potential breach via compromised AWS credential
 * Marina Bay Sands breach exposed data of 665,000 customers
 * The 3 key stages of ransomware attacks and useful indicators of compromise
 * Aqua Trivy open-source security scanner now finds Kubernetes security risks
 * AI-assisted coding and its impact on developers




Cybersecurity news
Daily Newsletter
Weekly Newsletter
(IN)SECURE - monthly newsletter with top articles
Subscribe
I have read and agree to the terms & conditions
Leave this field empty if you're human:

© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us
×