Keith Glancey, systems engineering manager for Western Europe at Infoblox, reveals the results of its latest report exploring how the UK healthcare industry and its cyber security have been impacted by the COVID-19 pandemic
Healthcare organisations are still a key target for cyber attacks
The rise in remote working has presented healthcare organisations across the globe with the mammoth task of re-equipping their workforce.
In the past, the healthcare industry has been slow to digitise, so much so that a recent global study conducted by Econsultancy and Adobe found that just 7% of healthcare and pharmaceutical companies claimed to have gone digital, compared to 15% of companies in other industries.
And, at the onset of the COVID-19 pandemic, our own report found that almost two thirds (64%) of healthcare organisations felt they were ‘very prepared’ when it came to having the right technology and cyber security precautions in place for remote working, while 30% felt they were ‘somewhat prepared’.
Industries that were ill prepared for this new way of working have since found themselves at the mercy of cyber criminals, with 70% of healthcare organisations reporting an increase in attempted cyber attacks as result of the pandemic.
Industries that were ill prepared for this new way of working have found themselves at the mercy of cyber criminals, with 70% of healthcare organisations reporting an increase in attempted cyber attacks as result of the pandemic
While these threats are only set to become more sophisticated, just over a third (35%) said they are allocating more resources towards cyber security to protect their network, with the majority (60%) actually choosing to move resources elsewhere.
While the pandemic has put the healthcare industry under significant strain, failure to prioritise cyber security could have catastrophic consequences.
In April this year, INTERPOL warned of a significant increase in cyber attacks against hospitals that are engaged in the COVID-19 response and said that attacks could ‘directly lead to deaths’.
And The Guardian reported that hackers are also targeting UK research labs in the hope of stealing extremely-valuable information as they race to find a vaccine.
So, what kind of cyber security attacks should healthcare organisations be looking out for; and how can they best protect themselves with minimal resources?According to Infoblox’s survey data, healthcare organisations have experienced a number of different types of cyber attack. In fact, 90% of healthcare organisations have reported seeing social engineering and phishing attacks, 89% said that they have witnessed malware exploit targeting at the edge, 85% said they had experienced unknown devices attempting to connect to the network, and 38% reported DNS/network traffic hijacking.
With a remote workforce connecting to the corporate network from what could be thousands of insecure, personal devices, each of these threats becomes significantly harder to detect and manage.
While the pandemic has put the healthcare industry under significant strain, failure to prioritise cyber security could have catastrophic consequences
Almost half (44%) of healthcare organisations said that distributing safe, clean devices was their biggest challenge when setting up employees to work remotely.
Home and public networks are not sophisticated enough to fend off these types of attacks.
From using Wi-Fi, to unapproved, unregulated devices and applications; IT and cybersecurity teams have their work cut out.
Infoblox’s report found that the majority (77%) of healthcare organisations have already changed their cyber security plans for when employees begin to return to the workplace - a much-higher figure than the cross-industry number of 49%.
And, with 73% of businesses currently re-evaluating their cloud strategy, where is the healthcare industry spending?
Three quarters (75%) of organisations invested in endpoint security and secure DNS, retrospectively, to help secure their networks and employees as a result of the pandemic; followed by 73% adding AI to detect anomalous behaviour, and 72.5% adding DDI (DNS, DHCP, IP Address Management) to their security stack.
With so many options, it can be difficult for IT teams to know where to start when considering where to invest their precious budgets.
The majority of healthcare organisations operate across multiple sites, whether that’s a hospital, medical practice, or from home.
And, as companies continue to deploy their IT infrastructure in the cloud and shift to de-centralised network models; it’s getting more difficult to monitor traffic and devices across locations with traditional security solutions.
As the survey results showed, the vast majority of healthcare organisations are beginning to invest in DDI solutions to help secure their new remote workforce.
With funds being prioritised for urgent care, IT decision-makers need to carefully consider where the areas they invest in and consider long-term solutions that will help detect threats at source as their networks continue to expand to support the growing needs of the borderless enterprise
This is because cloud-managed DDI platforms can extend security policies to the enterprise edge by allowing organisations to automatically deploy and centrally manage core network services to all locations.
But what sets DDI services apart from, say, SD-WANs or band-aid solutions like VPNs, is that they sit at the heart of the network.
From there, they can monitor and flag suspicious activities across both hybrid and multi-cloud environments.
Because these services are deployed in the cloud, they help to alleviate the strain on IT teams and enable faster rollout of new solutions, which is of particular importance since many healthcare organisations are taking the decision to shift resources away from cyber security.
The healthcare industry is at a crucial point. It’s struggling to cope under the strain of a global pandemic, while constantly under fire from cyber criminals looking to exploit this for their own gain.
With funds being prioritised for urgent care, IT decision-makers need to carefully consider where the areas they invest in and consider long-term solutions that will help detect threats at source as their networks continue to expand to support the growing needs of the borderless enterprise.