10 Best Practices: How to Prevent Cyber Attacks in Healthcare Settings

Article | Deryck Mitchelson, Field CISO EMEA at Check Point Software Technologies

Historically, healthcare organisations have represented high-risk cyber attack targets, resulting in withering large-scale security interruptions. Breaches have exposed private information belonging to millions of people, and attacks have been known to cause physical harm. In the remainder of 2023, we’re poised to see a continuation of past trends.

However, a seismic shift is happening in the healthcare space. Cyber security is becoming a core tenet within the patient-centred care model, as cyber security aligns with patient-centred provider goals. Care must be of high quality, and must meet patient satisfaction scores; neither of which are possible in the absence of cyber security. Leaders are beginning to take this seriously.

When thinking in terms of patient-centred provider care goals, cyber security needs to command the space that it occupies. Cyber security needs to be the best that it can be. As a healthcare security professional or decision-maker in the process of rethinking how to prevent cyber attacks in the healthcare setting, consider the following attack prevention strategies.

How to Prevent Cyber Attacks in Healthcare Settings

1. Implement Role-based Access Controls

Access grouping and access granularity is appealing in healthcare environments, as it allows for users to maintain discretionary capabilities over his/her own objects and yet also permits organisational administrators to set up and oversee rules.

While role-based access may need to be refined as new realities present themselves (emergency situations or other unpredictable scenarios), syntheses of international literature on the topic show that role-based access controls broadly increase patient privacy, security and regulatory compliance capabilities.

2. High-level Buy-in

Organisations that are in the process of cultural changes around cyber security need to ensure a ‘positive tone’ from the top. Research shows that when communications pertaining to the values of risk management and cyber security come from the top, principles are adhered to more closely than when simply communicated from the desk of a cyber security professional.

3. Provide Healthcare Staff with Education

Assess existing levels of privacy and data security awareness (ex. through surveys) and subsequently plan training opportunities for both clinical and non-clinical staff. As the security landscape changes, ensure that front-line staff members are given further insight into possible security issues and prevention techniques.

4. Assess Patch Management and Vulnerabilities

Cyber criminals have a habit of targeting unpatched or otherwise unaddressed vulnerabilities within systems. Technological advances enable cyber criminals to scan systems for weaknesses, which then receive prompt attention from the hackers. As a result, patching must occur across systems at regular intervals and security managers should take care to routinely assess weak points.

5. Bring in Ethical Hacking Services

Along planned intervals and with the direct support of relevant departments, invite ethical hackers to attempt to breach your systems. In the event that the ethical hackers manage to break through, you have precise insights into what policies, processes, tools or devices require further security attention.

When inviting ethical hackers to assist, get to know who you are working with and gather as much information from them as possible. Ensure that any hired ethical hackers can provide details concerning the tools used, issues found, and how to resolve them.

6. Build Backup Repositories

Although getting all of the components into place can prove time-consuming, the best way to limit potential cyber attack damage is through the development of robust data backup systems. Automated, regulatory compliant cloud-based backup services can provide reliable and safe options, even for organisations that maintain vast volumes of data. They can also offer instant monitoring, which can help organisations report on problems that may necessitate intervention.

For data redundancy purposes, data should be stored in at least two disparate locations; one of which should be in an offline and immutable locale. Consider maintaining at least three copies of current data. Apply data backup infrastructure safeguards; from complex security algorithms that can guard data integrity, to geofencing, to tamper-proof logging. Conversely, also consider applying additional layers of protection that can allow for the deletion of backups if access credentials are unexpectedly compromised.

7. Instant Recovery

Healthcare management groups and organisations can’t afford downtime. Ensure that your healthcare organisation can recover from a disaster in minutes. An increasingly popular option is to purchase Disaster Recovery-as-a-Service (DRaaS). This can pivot disaster recovery from an operating expense into a capital expense. Disaster Recovery-as-a-Service also means that your staff is not solely responsible for spinning up systems.

Regardless of how you plan for disaster recovery, test your disaster response plans on a routine basis. In the event of a ransomware attack for example, it’s best to be able to rely on an at-the-ready squadron of backups, policies, procedures, and trusted experts.

8. Multi-factor Authentication (MFA)

Despite the simplicity inherent in the method, multifactor authentication represents a key methodology if concerned with how to prevent cyber attacks in healthcare settings. Multi-factor authentication offers a series of layered protections to strategically guard networks and accounts.

Microsoft researchers have found that multi-factor authentication can block nearly all automated cyber attacks on its platforms. It also reduces the risk associated with compromised credentials. Multi-factor authentication implementation represents a cyber security best practice.

9. Protect Mobile Devices

Whether your system’s mobile devices consist of Lenovo Tablets, or items like infusion pumps and respirators, determine how you can minimise and protect your IoT/IoMT attack surface. Prevent malicious IoT/IoMT traffic using deep device visibility, risk analysis, zero-trust segmentation, threat intelligence, security

gateways, and specialised healthcare-focused cyber security services. For further insights on this topic, see Check Point Software’s Buyer’s Guide to IoMT security

10. Choose a Reputable Cyber Security Vendor

Your cyber security vendor can serve as a partner throughout your security maturation journey. In conjunction with a cyber security vendor, your organisation will be able to create a formidable cyber defence strategy that’s capable of preventing and detecting the most persistent, sophisticated and advanced cyber security threats.

Closing Thoughts

Empathy in healthcare is not relegated to bedside interactions. Empathetic security leaders and decision-makers can improve care experiences through technology.

A close focus on cyber security in healthcare signals empathy. Patients commonly feel vulnerable due to their personal circumstances. With best-inclass cyber security, organisations can figuratively, representationally, and literally reduce vulnerability.

For more information about how to prevent cyber attacks in healthcare settings, please see CyberTalk.org’s past coverage. For more insights from cyber security expert Deryck Mitchelson, please see Advancing Security with the MITRE ATT&CK framework.

The original article can be found at: https://www.cybertalk.org/2022/06/21/10-best-practices-how-to-preventcyber-attacks-in-healthcare-settings/