Cybersecurity in Healthcare: Keys to Managing Exposure Points in Critical Environments
Healthcare environments are highly attractive targets for cyber attackers due to the large amount of sensitive data they handle. Patient information, such as medical records, test results, and personal data, is highly valuable on the digital black market: a medical record can cost between 28 and 938 euros.
Pol Perez, Director of the Information Systems Area at the Catalan Health Service (CatSalut), pointed out that in 2022, 53% of the 543 healthcare entities consulted had suffered ransomware attacks, causing a halt in healthcare activities. The National Cybersecurity Institute (INCIBE) also adds a worrying figure: cybersecurity incidents in 2023 have increased by 24%.
The risk is there and the consequences are devastating for a hospital: inability to access medical records, erroneous diagnoses, loss of sensitive patient data, interruption of medical services, postponed interventions, massive data leaks, and damage to the reputation of the affected institutions.
"But each organization must assess its specific needs and design a customized cybersecurity strategy," says Jordi Campo, Health Director at Costaisa Group, "and collaboration between IT teams, security teams, and clinicians is necessary to ensure successful implementation."
Investing in cybersecurity helps ensure the continuity of medical services and strengthens the protection of patients and professionals. "A holistic view of cybersecurity prepares you to detect vulnerabilities and be able to address them," says David Rodríguez, Cybersecurity Director at Costaisa Group, "and unfortunately there is no guarantee that you will not be attacked again, but you will be better prepared."
Having a 360° view of cybersecurity is the only effective way to address this threat:
- it is essential to keep computer systems updated and patched regularly, and to identify and protect all existing points of exposure, both physical and digital, minimizing exposure time and limiting potential damage
- software updates fix known vulnerabilities that can be exploited by attackers
- encrypting data, both at rest and in transit, is crucial to protect patients' confidential information
- implementing robust access and privilege policies, such as multi-factor authentication and limiting access to data strictly necessary for each function, is another fundamental security measure
- periodically conducting security audits (pentesting) helps organizations identify their weaknesses, identify existing vulnerabilities in their systems, and most importantly, how to mitigate and correct them
- and it is also essential to make regular backups of data and store them securely to ensure recovery in the event of an incident
Cybersecurity and biotechnology
On the other hand, increasingly connected medical devices also require special attention. Many of these devices often have obsolete operating systems and known vulnerabilities. To mitigate these risks, it is necessary to inventory all medical devices and assess their security status. It is also essential to establish firmware update policies and segment medical device networks to isolate them from other corporate networks.
Finally, the continuous training of healthcare personnel is essential to raise awareness of best security practices and prevent human errors that could compromise the security of systems. It is essential to raise awareness of the inherent risks of their work and to provide them with the tools necessary to identify and avoid common threats such as phishing or malware. Continuous training is key to keeping staff up-to-date and ensuring they are aware of the latest tactics used by cybercriminals.