Imagine that your healthcare business needs to pay cybercriminals tens of millions of dollars to recover data and systems encrypted in a ransomware attack. The urgency to return to normal operations is great, not only because your operations are wholly disrupted, but also because many of the providers you work with and their patients are feeling the impacts of this attack, too.
Many organizations in the healthcare industry today do not need to imagine this scenario because they have experienced it, either directly or indirectly. 2024 has already seen ransomware gangs targeting health insurance and services companies and profiting from their exploits.
This activity is not unexpected. Over the past five years, the healthcare sector has witnessed a massive surge in large data breaches. According to the U.S. Department of Health and Human Services (HHS), there has been a 256% increase in large breaches reported to the HHS Office of Civil Rights (OCR) involving malicious hacking and a 264% increase in ransomware. The HHS also noted that large breaches reported in 2023 affected over 134 million individuals—a 141% increase from 2022.
The fine details of how these attacks happened don’t matter, in a way. What’s more important to know is that the need has never been greater for healthcare companies to modernize their digital infrastructure, including their data storage, so they can more confidently protect clinical, financial, and operational data as well as patient privacy. To be resilient, they need infrastructure that can help them spring back faster when cyber incidents inevitably happen.
Investing in security also needs to become a higher priority for many healthcare businesses. Too often, spending on security is seen as less important than investments in other areas designed to drive revenue. There has been long-standing industry resistance to mandatory security measures, but it shouldn’t take an act of Congress or mandates from regulators for healthcare companies to fortify their security. Yes, security can be expensive, but so, too, is a multimillion-dollar ransom payment. And simply hoping that the business won’t be unlucky and get targeted by attackers is not realistic.
A Growing Problem for Healthcare That’s Not Going Away
Cyberattackers targeting healthcare businesses and their data not only compromise sensitive medical information but also disrupt critical services, which could potentially lead to life-threatening situations. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) names healthcare as one of 16 critical infrastructure sectors “whose assets, systems and networks whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”
Complicating matters for healthcare organizations is the fact that they have so much data to protect, from patient records and imaging data to financial information and intellectual property. Legacy storage and core systems are straining, and often failing, under the pressure of ballooning volumes of data. Mergers and acquisitions, common in the healthcare space, lead to even more data to manage, not to mention multiple, disparate IT environments to secure.
The need for effective data storage solutions only increases as the healthcare industry increasingly relies on digital platforms to store and access patient data—and provide services like telehealth, virtual waiting rooms, and remote patient monitoring solutions. If they want to use artificial intelligence (AI) and advanced analytics to generate fast insights for better patient care, they need the right architecture.
5 Ways Hospitals and Health Systems Can Uplevel Data Protection and Overall Agility
As is the case with all aspects of cybersecurity and data protection, there is no “silver bullet” to keep everything safe from highly focused and motivated attackers. But there are several steps your healthcare organization can take to safeguard data and build resiliency:
1. Increase visibility
Take an inventory of your assets and potential points of entry, so you know what you have and why, and what might be vulnerable. (That long-forgotten server with outdated software sitting in your hospital basement? It could offer a gateway for an enterprising adversary to breach your defenses and discover lateral pathways that lead to bigger game.)
After you take stock of your IT environment, be sure to monitor events on each asset for anomalies that might indicate intrusion. You’ll need to add technology and people to support this process and make it more proactive than reactive—namely, a security analytics solution and a cyber-threat hunting program.
2. Ensure control amid new ways of working
Distributed workforces and work-from-home policies demand a new approach to cybersecurity that helps businesses control access to data and systems. A “zero trust” approach to security is one solution. This cybersecurity concept operates under the assumption that threats can exist both inside and outside of your network. Unlike traditional security models, it requires verifying every request, regardless of its source, before granting access. With zero trust, identity serves as the perimeter for data access.
3. Reduce your exposure
Building an IT environment that your security teams can maintain and monitor consistently requires collecting vast amounts of data for complex analytics. To support that process and get fast results, you need modern infrastructure.
This will help you to make the most of AI for security operations and defense, while also enabling innovative solutions for patient care that rely on fast data insights. You can also reduce your attack surface by limiting the number of unique “things” in your environment.
To further reduce your exposure:
- Standardize to the extent that you can
- Keep systems patched and updated
- Limit how many administrative credentials you issue
- Use appropriate identity administration, including promptly eliminating identities that are no longer needed or applicable
Is your organization prepared for a ransomware attack? Take this assessment to gauge your readiness.
4. Undermine attackers’ profitability
Encrypting your data turns the table on attackers by making their work more challenging and costly—and your business a much less appealing target.
For example, when you use SafeMode snapshots from Pure Storage®, you can make it impossible for an attacker or rogue insider to delete your backups. That’s true even if administrator credentials have been compromised in an attack. Plus, SafeMode snapshots provide protection to your data if an attack occurs.
5. Take a future-forward approach to disaster recovery
Tiered backup architectures are needed now more than ever to meet the diverse backup and recovery needs of today’s businesses. But they need to be next-generation solutions if you want to mitigate every potential risk and be as resilient as possible.
Pure Tiered Resiliency Architecture is one such solution. It can help your healthcare organization to recover data very quickly in the event of a cyberattack, disaster, or administrative accident. How fast? Think seconds or minutes vs. hours or days.
Learn how to build a resiliency architecture with Pure.
The five basic steps outlined above can help your healthcare organization avoid or mitigate the impacts of a data breach disaster. Upleveling your data protection strategy also makes good business sense and can positively impact your patients.
Related Reading: Pure Helps HealthEdge Address Security Concerns with Storage as a Service
