Healthcare and the Foreboding Cyber Security Environment

Cyber threats are becoming increasingly more sophisticated and that sophistication is being applied in a targeted rather than in a broad fashion.  Advanced Persistent Threats (APT), botnets, zero-day attacks, and countless malware variants have caused significant monetary damage on a global scale.

New threats are being greeted with new solutions from innovative security providers. The “new thinking” is to take a behavioral approach to detecting malware and network compromises. Instead of trying to detect malicious cyber activity based on what it is (signature based), behavioral based detection relies on what is occurring on the network and endpoints. However, an unforeseen consequence is developing as the complexity of security technologies used to combat these threats has also increased.

Greeting this security complexity is a widening gap between the number of security professionals needed and the actual number available to be hired. The result is that overtaxed security teams are challenged to keep pace with this evolving and churning threat landscape and the complex and numerous security tools they seek to master. Something has to give and that “something” is security quality.

Why is healthcare such a target?  Frankly, cyber miscreants love healthcare.  Healthcare is like fine dining for those that sell such information on the black market.  There are three primary factors:

  • Quantity of information—Think of the 15 pages of forms that gets filled out when visiting a doctor. No other vertical has that quantity of data
  • Value of information—Not only is there a lot of data, but it is the best stuff. Social security numbers, payment information, bank accounts, addresses and troves of personally identifiable information (PII)
  • Timely—Our medical and financial information is guaranteed to be updated at least annually with the traditional open enrollment period with employer. Additionally, healthcare information is constantly being updated with every physician’s visit.  No other vertical updates client data with such frequency. 

In light of the current cyber security environment, here are some quick recommendations to keep in mind.

Respect thy enemy. The adversary that is faced is not some random teenager, fueled by chocolate doughnuts and energy drinks and looking to make a name for himself. This criminal element is intelligent, educated, sophisticated and organized.  Thus, confront thy cyber enemy with the respect they deserve.

Strategically plan your security architecture. Security professions need to be more deliberate in the coordination and implementation of security tools. Tools that simplify and automate security are needed, tools that go beyond managing, and maintaining an individual solution, but also provide visibility, context, and integrated management functionality across multiple security technologies. Efficacy of entire network security architectures can be improved; it requires proactive strategic planning rather than being reactive to the latest threats.

Have a plan. No one plans to be breached, but we need a meticulous plan in place on how to respond to a breach, minimizing the blast radius and non-verbally communicating organizational competence in handling the situation.

About the author: Frank has over 20 years of experience in the security, mobile, wireless, telecommunications , multimedia, computing and semiconductor sectors.  Frank has a Master of International Management with Distinction, Thunderbird School of Global Management and a Master of Business Administration from Arizona State University.