
Defending Healthcare Against Cyber Attacks

It’s true that all businesses are at risk for cyber attack. However, few industries face the level of threat aimed at healthcare.

May 18, 2020 3 minute read

One industry that is extremely vulnerable to security threats is healthcare. Cybercriminals seek to leverage personal health information (PHI) for malicious activity. Identity theft, payer fraud, and prescription drug theft are just a few examples. These cybercrimes cost the healthcare industry billions of dollars annually. 

Electronic health record (EHR) theft can be harder to detect than other cybercrimes, as PHI is not easily changed. In fact, that’s why a patient’s health record is more valuable on the black market than a stolen bank account or credit card number. Especially concerning are attacks targeting pediatric patient records, because theft and fraudulent use of children’s identities may go unnoticed for years.

Ransomware attacks are particularly threatening for hospitals because criminals understand that blocking access to clinical systems demands immediate action. The cycle is often perpetuated when health systems pay the attackers in efforts to recover and protect PHI more quickly. These attacks are major emergencies that pose financial and health risks, and criminals count on creating that level of urgency to achieve their goal. 

The continuous flow of regulatory change and the increasing rate of mergers and acquisitions make staying up to date with security a growing challenge for healthcare. These industry drivers contribute to the declining margins that most health systems are facing, and this results in limited IT budgets for cybersecurity. In contrast, the banking industry typically spends around 12 to 15 percent of its annual budget on cybersecurity alone.

So, how can we heal and better defend against healthcare cyber attacks?

There is a response.

There is no miracle solution. This challenge requires a layered strategy, consisting of technology upgrades, operational improvements, strong employee cyber hygiene and a rapid response program. Broad changes take time and commitment, so an immediate action to take is ensuring that the health system can quickly respond and recover. 

Establishing a solid backup, business continuity and disaster recovery (BCDR) program should be the first order of business for healthcare IT. When things go sideways, knowing exactly what to do and when to do it allows for faster response and more effective recovery from cyber attacks. Being able to quickly restore mission-critical systems renders a ransomware attack powerless, while rapidly restoring patient safety and care delivery.

In addition to having a well-established BCDR program, healthcare networks would greatly benefit from network segmentation. Implementing a segmentation policy will help reduce the scope and size of an event such as a virus or ransomware infection. Segmentation is a mature strategy, but it does take significant planning to implement properly.

Prevention is your first line of defense, but we all know that bad things can happen no matter how much one prepares. The ability to quickly mitigate the damage when an attack occurs should also be a top priority. Investing in programs that ensure a rapid response and recovery is crucial to protecting healthcare against a cyber attack.

Let us help you understand the business decisions that should be made while you are thinking about a BCDR program.
