How Healthcare Organisations can Ensure their Cyber Security Operations are Fit for the Future

How Healthcare Organisations can Ensure their Cyber Security Operations are Fit for the FutureImage | AdobeStock.com

According to a study by e2e-assure, the UK’s leading Threat Detection and Response provider, 77% of Healthcare organisations have experienced a cyber attack. Featuring input from 500 UK Chief Information Security Officers (CISOs) and senior security decision-makers from a variety of industries, the survey also found that only 13% of organisations describe their cyber security provider or in-house team as “exceeding expectations,” which is lower than the average across industries, including Financial Services, Professional Services and Manufacturing, which sits at 16%. As we look to the future of the Healthcare sector, it’s imperative that organisations reassess and strengthen current cyber security defence strategies.

The current state of cyber security operations in the Healthcare sector

The key frustrations facing the Healthcare industry are diverse. 33% reported a lack of proactivity from providers to fine tune cyber alerts and protect environments, while 29% revealed long and complex contract terms were in place, leaving no room for flexibility. The cyber security operations needs for Healthcare organisations are not being met as 31% say their provider or in-house team is underperforming and as a result, looking to make changes to bring long-term efficiencies.

In response to the sector’s frustrations around proactivity and speed, there is a huge opportunity for outsourced cyber security providers to support the Healthcare sector. It doesn’t come as a surprise that 52% say speed is a priority when it comes to making decisions around their cyber security operations. The biggest “don’t have but desire” of Healthcare organisations is real-time visibility of reporting dashboards confirmed by 55% of respondents.

Flexible solutions vs locked-in contracts

Having a flexible cyber security solution in place is integral for Healthcare organisations in supporting them to scale their security services and adapt to their changing needs, as well as being able to evolve with cyber threats as they develop over time. The top three outsourced operations are Security Operation Centres (SOC as-a-service), Threat Detection and Response, and End-to-End Solutions. However, according to half of respondents (50%), providers are not implementing proactive measures, such as Threat Hunting, which is the number one frustration.

While SOC-as-a-service has seen exponential growth within the marketplace, Healthcare organisations utilising this approach cited frustration around the continual barrier to bolt on services (18%), not to mention that the speed and accuracy currently provided isn’t sufficient.

While for some, long contracts allow for predictable costs, they also restrict flexibility and agility over a contract term. This frustration has follow-on consequences, with organisations struggling to ensure that their cyber provision continues to be fit for purpose over time. This is particularly relevant for the Healthcare sector, as the ever-evolving threat landscape becomes increasingly sophisticated and takes advantage of any emerging vulnerabilities, such as an increasingly fraught workforce or inexperienced team members. Providers should be proactively offering clear roadmaps to evolve their customers’ security posture rather than issuing rigid, complicated contracts that busy Healthcare staff don’t have the capacity to ponder.

Future for Healthcare and long-term protection

The need to demand more proactive, up-to-date and accurate reporting to drive quicker decision making is key for the sector. Speed and accuracy are everything in Healthcare. As one of the top frustrations for Healthcare CISOs, too many false positive alerts create a lack of clarity, therefore resulting in a delayed response, potentially adding to the serious nature of a cyber attack and further exasperating the already dire burnout issue for the sector. Key processes that providers should be carrying out include continually validating analytics to ensure that threat data is accurate and tracking emerging threats and vulnerabilities using proactive measures such as Detection Surface Validation, intercepting and investigating any potential threats using Attack Disruption methodology.

Another area is the push for closer integration so providers can better understand an organisation’s environment and spearhead plans – we’ve seen a huge desire in the Healthcare sector to either outsource or take a hybrid approach. Providers need to integrate more closely with internal teams, take on more responsibility and accountability, and make the time to truly understand customers’ environments. By spearheading cyber defence roadmaps providers can lead CISOs in the sector through this ever-evolving landscape.

The relentless pressure on the Healthcare industry comes from all angles, including from the velocity of cyber attacks. To combat any threat to people’s personal health data, detection needs to be accurate and swift. The sector does not have the capacity to manage this, and so leaders and decision makers are relying heavily on outsourced or hybrid approaches. Ensuring providers are putting forward robust, flexible and highly effective cyber security offerings is fundamental for allowing Healthcare organisations to thrive and present an unrivalled experience for people and their families.

By Dominic Carroll, Director of Portfolio at e2e-assure