Healthcare is one of several industries that has made tremendous strides with integrating advanced technology into their medical environments. Doctors can now communicate with their patients in a number of different ways, including email, updates through text messages, automated prescriptions, as well as communicating through customized portals, specific to that healthcare environment, to conveniently send information. We can now access our medical histories and data through these portals, without having to wait long periods of time. The proliferation of doctors and hospital staff bringing their own devices – laptops, tablets and other mobile devices has also lessened the time it takes to send and receive information. It’s becoming a digitally rich environment to work and to treat patients.
As highly sensitive data is transferred numerous times, through numerous devices, security is extremely important. The theft of this sensitive healthcare data continues to challenge many organizations, from smaller private practice offices, to hospitals and large healthcare insurance companies.
- Security incidents have escalated 60% in healthcare.
- The cost of a security breach increased by 282% in healthcare.
- The healthcare industry cites access control and identity management for end users as their top challenge.
The sixth annual HIMSS Security Survey reports equally unsettling information:
- 25% of respondents reported having either a case of medical identity theft or a security breach.
- In US healthcare, insider threat is motivated by workers snooping on relatives/friends (80%), financial identity theft (66%), and identity theft (51%).
- 60% of US healthcare organizations do not have two-factor authentication implemented.
According to a 2012 study by the Ponemon Institute, some 94 percent of medical institutions surveyed indicated they had been the victim of a cyber attack. Even more troubling is the fact that many healthcare organizations do not detect cyber attacks and remain compromised, leaving the healthcare enterprise at great risk of exposure.
Cyber Situational Awareness and Visibility
The main reason for the vulnerability of healthcare companies, is that today’s security is complex, requiring a host of enforcement points or devices to cover the network. These enforcement points generate voluminous amounts of logs. In a typical healthcare enterprise, an intrusion detection system alone can produce more than 500,000 messages a day and firewalls can generate millions of log records a day. It is not humanly possible to scan all this data. Even with automated log analysis, it is time-consuming to identify critical security incidents and to investigate them. To add to this challenge, data collected by different devices often do not provide a complete picture of the healthcare organization’s security posture. What appears to be normal behavior when viewed on its own may reveal evidence of abnormal activity when that data is cross-correlated and analyzed. By automating the aggregation and correlation of raw log data, we can drastically reduce the amount of data that has to be reviewed so security analysts can quickly discern and isolate the real security threats.
Increasing regulatory pressures combined with a dynamic threat landscape requires that healthcare IT professionals understand the intent of compliance, while being able to manage their security environment to sustaining the protection of patient data and customer information. This can be accomplished through a security management platform designed with integrated policies, automated security operations and comprehensive threat management that enables full-spectrum visibility into the environment’s security posture.
The Bottom Line
An advanced security management platform should be an enabler of innovation and enterprise risk reducer. Through more effectively protecting the integrity of the enterprise network, proprietary data, and connected devices against advanced cyber security threats including sophisticated malware and zero day threats, healthcare organizations can dramatically improve time to respond and contain active cyber attacks, reduce complexity, ensure compliance, and dramatically improve organizational security risk visibility.
For more information about security management, click here.
 PWC 2015 Global State of Information Security Survey