The onset of the COVID-19 pandemic has forced health organisations across the globe to re-equip their workforce for remote working. For an industry that has long has fallen behind when it comes to digitalisation, this is no easy feat. A recent global study conducted by Econsultancy and Adobe found that just 7% of healthcare and pharmaceutical companies claim to have gone digital, compared to 15% of companies in other industries.
While the healthcare industry remains behind when it comes to digitalisation, a report by Infoblox found that almost two thirds (64%) of healthcare organisations felt they were “very prepared” when it came to having the right technology and cybersecurity precautions in place for remote working, while 30% felt they were “somewhat prepared”.
Those that were not prepared for this new way of working have found themselves at the mercy of cybercriminals, with 70% of healthcare organisations reporting an increase in attempted cyberattacks as result of the pandemic. While these threats are only set to become more frequent and more sophisticated, just over a third (35%) said that they are actually allocating more resources towards cybersecurity to protect their network, with the majority (60%) choosing to move resources elsewhere.
The pandemic has, of course, put the healthcare industry under huge pressure, but failure to address cybersecurity concerns could have catastrophic consequences. As the COVID-19 outbreak spikes in the US, there have been recent reports of Russian cyberattacks against healthcare organisations and hospitals with the aim of taking facilities offline and holding their data hostage in exchange for multimillion-dollar ransom payments. Closer to home, The Guardian reported that hackers are also targeting UK research labs in the hope of intercepting valuable information as researchers race to find a vaccine.
So, what kind of cyberattacks should healthcare organisations be looking out for, and how can they maintain a solid defense, with minimal resources?
Why the healthcare industry is an expanding target for cyber criminals
With more and more healthcare professionals working remotely, the industry is an expanding target for cyberattacks, and, according to Infoblox’s survey data, healthcare organisations have experienced multiple different types of cyberattacks. As many as 90% of healthcare organisations have reported seeing social engineering and phishing attacks, 89% said that they have witnessed malware exploit targeting at the edge, 85% said that they had experienced unknown devices attempting to connect to the network and 38% reported DNS/network traffic hijacking.
With a remote workforce connecting to their organisation’s corporate network from what could be thousands of insecure, personal devices, each of these threats become significantly harder to detect and manage. Almost half (44%) of healthcare organisations said that distributing safe, clean devices was their biggest challenge when setting up employees to work remotely. Home and public networks are typically not sophisticated enough to fend off these types of attacks. With teams connecting via Wi-Fi to unapproved, unregulated devices and applications, IT and cybersecurity teams have a lot of bases to cover.
How healthcare organisations are spending their IT budgets
Infoblox’s report found that over three quarters (77%) of healthcare organisations have already changed their cybersecurity plans for when employees begin to return to the workplace – a much higher figure than the gross industry number of 49%. But with 73% of businesses currently re-evaluating their cloud strategy, where is the healthcare industry spending?
Three quarters (75%) of organisations invested in endpoint security and secure DNS, retrospectively, to help secure their networks and employees following the onset of the pandemic, followed by 73% adding AI to detect anomalous behaviour and 73% adding DDI (DNS, DHCP, IP Address Management) to their security stack.
Faced with continually changing circumstances and so many options, it can be difficult for IT teams to know where to start when considering where to invest their security budgets.
Secure from the network’s core
The majority of healthcare organisations operate across a number of sites, whether that’s a medical practice, hospital or from their employees’ homes. As companies continue to deploy their IT infrastructure in the cloud and shift to de-centralised network models, it’s getting more and more difficult to monitor traffic and devices across locations with standard security solutions.
The survey results revealed that the vast majority of healthcare organisations are beginning to invest in DDI solutions to help secure their new remote workforce. This is largely because cloud-managed DDI platforms can extend security policies to the enterprise edge by allowing organisations to automatically deploy and centrally manage core network services to all locations.
What sets DDI services apart from, say SD-WANs or band-aid solutions like VPNs, is that they sit at the heart of the network. From there, they can monitor and flag suspicious activities across both hybrid and multi-cloud environments. Since these services are deployed in the cloud, they help to alleviate the strain on IT teams and enable faster roll-out of new solutions, which is particularly important since many healthcare organisations are making the decision to shift resources away from cybersecurity.
The healthcare industry has reached a crucial tipping point. It’s struggling to cope under the strain of a global pandemic, whilst constantly under fire from cybercriminals looking to exploit this. With funds being prioritised for urgent care, IT decision-makers need to carefully consider the areas they invest in and prioritise long term solutions that will help detect threats at source as their networks continue to expand to support the growing needs of the borderless enterprise.
By Keith Glancey, Systems Engineering Manager, Western Europe at Infoblox