By Antoine Korulski, Product Marketing Manager, Infinity architecture
Highlights:
- The Healthcare sector was the most targeted industry for ransomware during the third quarter of 2022, with one in 42 organizations impacted by ransomware.
- 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio, they concluded that having too many security vendors results in complex security operations and increased security headcount.
- Save the Date – December 7th for a Healthcare CISO Talk. Register Here: EMEA/APAC AMERICAS
What’s the most effective way to achieve cyber resilience – to consolidate security or to take a best-of-breed vendor approach? It’s a long-debated topic within IT circles with each option offering viable technical and business arguments. As a CISO every conclusion you come to will impact your cyber security effectiveness for years to come.
A recent survey by the Ponemon Institute stated that more than 20 percent of healthcare organizations reported increased patient mortality rates after experiencing a significant cyberattack and another 57 percent said they experience poor patient outcomes.[1] Additionally, the study identified four common types of attacks – cloud compromise, ransomware, business email compromise/phishing, and supply chain.
Successful cyberattacks on healthcare organizations can be disruptive and even deadly.
In this post, we use the healthcare industry to illustrate how a consolidated security approach can best assess and address your organization’s security gaps. Healthcare facilities such as hospitals, clinics, labs, and other medical environments offer a broad and complex attack surface. These facilities include networks, cloud infrastructure, desktop, and mobile endpoints, as well as network connected IoT devices. The latter are sensor-driven medical devices that track and monitor in real-time, most are not designed with security in mind.
Healthcare providers’ dynamic environments also introduce complex layers of user types and access privilege levels that can make sensitive personally identifiable information (PII) and other medical data ripe for cyber thieves. The emergence of breaches initiated by nation-state-sponsored cyber gangs can select specific targets to damage reputations.
The cost of a breach in the healthcare industry went up 42% in the past 24 months. For the 12th year in a row, healthcare had the highest average data breach cost of any industry with an average total cost of a breach ballooning at $10.10M. (Source: IBM and CPR)
The challenges of the healthcare system’s multi-vendor environment
Is security consolidation a viable option for healthcare professionals to consider? If so, how will it significantly enhance an organization’s security posture, improve security operational efficiency, and greatly reduce TCO (Total Cost of Ownership)?
In their CISO Effectiveness Survey, Gartner reported that 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio; 12% have 46 or more. They concluded that having too many security vendors results in complex security operations and increased security headcount.[2] Eight percent of respondents saw vendor consolidation as an avenue for a more efficient security strategy. Where IT budgets are often constrained, the question arises: How do healthcare CISOs deal with the bloat of security products?
Consolidation is a big desire from customers—possibly a response to the tool sprawl that we mentioned earlier. There is a feeling in the market that there might already be too many companies, so it’s not just about more innovation but also building integrated platforms so customers can go to one place and get more baskets of services.[3]
Healthcare organizations heavily targeted
Check Point Research (CPR) reported that on average the healthcare sector experienced 1426 weekly attacks, a 60 percent increase in 2022 over the previous year.[4] Some of the most high-profile attacks have targeted healthcare organizations. In recent weeks, it was reported that the National Health Services (NHS) had suffered an attack and several services, including NHS 111, some urgent treatment centers, and some mental health providers were taken offline.[5] The ransomware attack targeted a software supplier for 111 telephone advice services, GP surgeries, and some specialist mental health trusts.
Deryck Mitchelson, Field CISO, Check Point, said that the NHS service’s threat landscape has grown significantly, with the increased likelihood of major cyber-attacks at any time.[1]
Today’s ransomware economy is a complex operation extorting millions of dollars per ransom, holding entire organizations captive under the threat of a total system shutdown. As a business model, Ransomware-as-a-Service (RaaS) has seen the appearance of low-cost affiliate programs for any criminal to get involved. In one recent case, “diabolical” is the term used to describe a cyberattack on a major Paris hospital.[2] A wide range of IT systems were paralyzed, and the threat actor demanded $10 million to unlock them and threatened to release patient data. In the attack’s aftermath, hospital staff struggled to provide emergency services and patient data and prescriptions had to be handled manually.
Besides ransomware attacks, healthcare organizations – in line with every industry – can expect to experience a vast array of attack methods, including phishing, various botnet attacks, distributed denial of service, and more.
Check Point Infinity ELA
Healthcare depends on innovative solutions and services, and any disruption can endanger lives and livelihoods.
What actions can CISOs take to better ensure the protection of their organizations?
One answer is to consider the use of a consolidated security platform designed to guard against today’s critical zero-day and fifth-generation threats across the network, cloud, IoT, and endpoints. Check Point Infinity architecture leverages Check Point’s ThreatCloud, a real-time global threat intelligence platform that monitors networks around the world for emerging threats and vulnerabilities.
Check Point Infinity is based on a flexible ELA (enterprise license agreement) that can be tailored to an organization’s specific requirements and individual application priorities. Infinity ELA’s simplified pricing structure is clear and streamlined, allowing an organization to deploy security solutions gradually and optimize costs. As an example, one may want to address endpoint security first, and at a later point, focus on network security. The Infinity consolidated security architecture achieves a reduction of security total cost of ownership (TCO) by an average of 20 percent.
Follow the link to read more about the Check Point Infinity Enterprise License Agreement.
You can also visit Check Point Healthcare Cyber Security Solutions on our website to get an overview of what we offer.
Join Us for the below Healthcare CISO Talk on December 7th.
A panel of three security executives will discuss challenges and opportunities in securing life-critical IT infrastructures.
Register Here: EMEA/APAC AMERICAS