We are currently in the third wave of the cybersecurity industry, and it is the most challenging in terms of technology and scale. The initial wave comprised the earliest days of the internet until 2005. Since then, the rise of mobile and the cloud saw attackers develop increasingly sophisticated techniques to bypass cyber defences. The latest wave of innovation involves the adoption of a more proactive defensive approach, using machine learning and artificial intelligence (AI) to discover and analyse the growing landscape for attacks.
Listed below are the key cybersecurity trends in healthcare, as identified by GlobalData.
Prevention begins with endpoint education
Employees should be educated about how their day-to-day activities interact with the organisation’s security defences. They need to be informed about the ramifications of sharing sensitive account credentials or installing unsanctioned applications, and the dangers of opening unknown email attachments.
Healthcare organisations continue to fall short on educating their staff about cyber threats due to the fragmented nature of healthcare, and few employees are aware of potential gateways for cyber threats into the enterprise network. Endpoints are the weakest link in a clinical setting.
Healthcare organisations should have a centralised management portal to control and manage the enterprise’s endpoints and network. All healthcare organisations should seek ongoing training programmes for data privacy, protection, and cybersecurity.
Multi-factor authentication uptake is on the rise
Multi-factor authentication is widely valued in healthcare settings and its adoption continues to rise. Passwords are the most common authentication tools in healthcare, yet they are easy to hack. While multi-factor authentication is not new, its uptake in healthcare is slow.
On all counts, securing patient database and electronic patient record (EPR) is crucial for healthcare. By working with security vendors, healthcare organisations can facilitate the implementation of two-factor authentication at low costs—using platforms such as physical tokens, soft tokens, and smartphones.
Biometric identity management is currently being explored by more advanced healthcare organisations and pharma companies. GlobalData expects the use of biometrics in healthcare organisations to grow over the next three to five years, particularly as a way to offer extra cybersecurity layers, control identity management and access, and offer a smoother clinical experience.
Network segmentation reinforces providers’ security
Network segmentation, which involves separating each network and making it visible only to those who have the right to access it, is gaining popularity as a way for carriers to control levels of access to sensitive data. The greatest benefit of network segmentation for healthcare organisations and the wider healthcare ecosystem is that it can limit access to medical data and ensure compliance with regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
Network segmentation can limit the vulnerability of legacy systems that are currently impractical to upgrade or are in the process of being upgraded. Many attacks start with phishing emails to gain access to the organisation’s network, then make their way through back-office systems and into critical infrastructure.
Real-time analytics detect advanced threats
Healthcare organisations are working towards breaking down data silos for more effective sharing across healthcare networks. Simultaneously, vendors are continuously striving to add new channels and devices that plug into the enterprise network, which results in more data flows.
Analytics is positioned as a core enabler to help vendors achieve superior customer service. While healthcare providers already apply analytics to some extent to improve population health management and clinical efficiency, it has not yet been used to ramp up an enterprise’s security position. Behavioural analysis is a particularly niche technique within the healthcare sector.
Real-time analytics are considered more powerful, as legacy security information and event management systems (SIEMs) can meet compliance requirements but are no longer well-placed to detect advanced threats. Some vendors advise that SIEM is no longer sufficient in its own right, given that malware can already penetrate anti-virus software.
Push for increasing medical device cybersecurity regulations
In the age of big data, novel medical devices are increasing in connectedness to the Internet, other medical devices, and healthcare networks. Examples of connected medical devices include infusion pumps, implanted pacemakers, and insulin pumps. The use of connected devices brings the risk for hacking directly into patients’ information.
The European Union (EU) has recently initiated the General Data Protection Regulation (GDPR), which mandates that any organisation wishing to conduct business in Europe must follow five key GDPR requirements, and European regulators have published cybersecurity recommendations for many industries including medical devices. Similarly, over the last five years, the FDA has issued two guidance documents for medical device manufacturers: Content of Premarket Submissions for Management of Cybersecurity in Medical Devices in 2014, and Postmarket Management of Cybersecurity in Medical Devices in 2016.
In July 2017, a bill called the Medical Device Cybersecurity Act of 2017 was proposed in the US Senate. This bill aims to amend the Federal Food, Drug, and Cosmetic Act to require the FDA to create a cybersecurity report card for connected medical devices, which manufacturers must then include in a premarket approval application. More recently, the FDA released the Medical Device Safety Action Plan in April 2018, which includes notes on advancing medical device cybersecurity through updated premarket guidance and requirements, as well as the establishment of a CyberMed Safety Analysis Board (CYMSAB).
This is an edited extract from the Cybersecurity in Medical Devices – Thematic Research report produced by GlobalData Thematic Research.