Most hospitals are behind on finding, responding to threats
No good head of cybersecurity would ever describe a solution as being "set it and forget it," but there is a degree of automation that the modern healthcare IT network needs to have.
As new classes of devices expand daily, with them come new forms of vulnerabilities, attacks and threats to overall network security.
In its new State of Threat Detection Report, security firm Fidelis has found that as the network traffic in hospitals has grown, the security apparatus has struggled to keep pace.
This includes everything from automated threat detection and response to having a greater visibility of all devices on the network – a crucial security requirement in the ever-expanding world of connected IoT devices.
"Organizations can’t stop their terrain from growing, but they can control what they add to their security stacks for their overly burdened security teams," said Craig Harber, CTO of Fidelis. "This research shines a light on organizations’ need to consolidate stacks and the need for interoperability and unified platforms."
Hospitals need to know more about their networks and how to use their capabilities to protect themselves. Fidelis’ discovery that almost half of their respondents didn’t have full visibility into their networks means that those hospitals can’t be fully sure of where an attack might come from.
This in turn speaks to the low numbers of those engaging in threat hunting, looking proactively for where the next breach or attack might be coming from.
As hospital networks are growing in response to needs as they occur, there is little time to vet how a new class of devices might impact overall security or to assess their overall interoperability in the network’s defense mechanisms.
While many hospitals report low numbers now, most know they need to consolidate their networks and adopt a more proactive approach to security.
Hospitals are networked now like never before, which means that the number of weak points are more numerous than ever. Indeed, threats to a health system’s network can emanate from targets within and without that have no connection to health devices – simply being within the hospital's network and vulnerable to outside attack is enough for malicious agents to gain a foothold.
"While there’s still a lot of work to be done, organizations need to take a terrain-based defense strategy – even in how they maintain and build their stacks – to ensure the increased context and visibility required to facilitate detections and overall security posture," said Harber.
Benjamin Harris is a Maine-based freelance writer and former new media producer for HIMSS Media.