Nearly a third of hospitals and health systems are planning to implement biometrics (29%), digital forensics (28%) or penetration testing (28%) within the next 24 months, according to new HIMSS research. (HIMSS is the parent company of Healthcare IT News.)
However, 43% say funding is keeping their organizations from addressing the security challenges they face, the research shows. That is a problem, as healthcare remains a primary target of cybercriminals.
So Healthcare IT News has interviewed a cybersecurity expert to get his views on where healthcare cybersecurity will be headed in 2022. Manoj Srivastava is general manager of security, ID Agent and Graphus at Kaseya, a vendor of IT management software.
Q. What do you see on the horizon in 2022 when it comes to technological advances in healthcare cybersecurity?
A. There are at least three technological advances that will apply to healthcare cybersecurity and across other industries as well. They are password-less authentication, secure access service edge (SASE) and zero trust.
Will passwords finally become a thing of the past? Possibly. The use of password-less authentication is growing, as it can help healthcare organizations reduce security risks associated with passwords.
Eliminating passwords can reduce the risk of a data breach, since compromised credentials account for a large percentage of breaches. There are various ways to verify identity other than passwords, including biometrics, such as fingerprints, and one-time passwords, which require users to input a code that is either emailed or sent via SMS [Short Message Service] or used with an authenticator app.
An SASE combines SD-WAN [software-defined wide-area network] and security into cloud computing and is quickly becoming a VPN [virtual private network] replacement for remote work and distributed offices. Security consists of digital identity, which may be connected to a person, device, cloud service, software or even an IoT [internet of things] system. SASE makes it more secure without the complexity and latency of the traditional WAN/VPN approach.
Finally, zero trust is a shift of network defenses toward a more comprehensive IT security model. It is about not trusting any user or any device, even if it is already connected to the corporate network.
Any time a new resource is requested by connected users and devices, re-authentication is required. Zero trust is a security model or a security architecture. Products supporting various security controls in a network are now supporting zero trust.
Q. What’s going on in the tech side in the cybersecurity space? What new technologies/techniques are emerging?
A. There are two emerging technologies, homomorphic encryption and blockchain, whose impact on the security of the healthcare industry is particularly interesting.
Homomorphic encryption (FHE) enables people to collaborate simultaneously without revealing confidential data. By using an encryption scheme, users can run tasks on encrypted data, producing the same encrypted results as if they were using plaintext.
Typical methods of handling sensitive data with collaborators may be at risk. When files are sent, they may be encrypted, but once in use, they are decrypted, providing bad actors with opportunities to access the data.
FHE eliminates this by allowing people with access to manipulate the data, keeping it encrypted and reducing the time it is decrypted. Another feature of this technology is that it can restrict decryption access so people can view only the parts they’ve been granted access to.
Keeping medical records safely stored and protected has long been a priority, and challenge, for healthcare organizations. Blockchain tech may make it a little easier to achieve while minimizing fraud and the costs associated with it.
Through blockchain technology, patients can access their medical information through a collective network. This technology allows for greater security and privacy. Additionally, the information would be housed on a single, trusted platform where physicians and other medical personnel could access the same data. Updates would be available immediately to everyone at once, potentially revolutionizing patient care.
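The idea of computing on encrypted data, described in the homomorphic encryption part of the answer above, can be seen in a small added example (not part of the interview). It uses the Paillier scheme, which is only additively homomorphic rather than fully homomorphic; the primes, readings and function names are constructed for illustration.

```python
import secrets
from math import gcd

# Toy primes for illustration only; real deployments use primes of 1024+ bits.
P, Q = 104729, 1299709

def keygen(p=P, q=Q):
    """Return (public n, private (phi, mu)) for simplified Paillier with g = n + 1."""
    n = p * q
    phi = (p - 1) * (q - 1)
    mu = pow(phi, -1, n)          # modular inverse of phi mod n (Python 3.8+)
    return n, (phi, mu)

def encrypt(n, m):
    """Probabilistic encryption: c = (1 + n)^m * r^n mod n^2, with (1 + n)^m = 1 + m*n."""
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if gcd(r, n) == 1:
            break
    return (1 + m * n) % n2 * pow(r, n, n2) % n2

def decrypt(n, priv, c):
    """m = L(c^phi mod n^2) * mu mod n, where L(x) = (x - 1) // n."""
    phi, mu = priv
    return (pow(c, phi, n * n) - 1) // n * mu % n

def add_encrypted(n, c1, c2):
    """Multiplying ciphertexts adds the underlying plaintexts."""
    return c1 * c2 % (n * n)

def scale_encrypted(n, c, k):
    """Raising a ciphertext to k multiplies the plaintext by k."""
    return pow(c, k, n * n)

def aggregate(n, ciphertexts):
    """What an untrusted aggregator runs: it never sees a plaintext or the key."""
    total = encrypt(n, 0)
    for c in ciphertexts:
        total = add_encrypted(n, total, c)
    return total

if __name__ == "__main__":
    n, priv = keygen()
    readings = [118, 131, 125, 142]            # constructed sample values
    cts = [encrypt(n, m) for m in readings]    # encrypted by the data owner
    enc_sum = aggregate(n, cts)                # computed on ciphertexts only
    print(decrypt(n, priv, enc_sum))           # key holder recovers the sum
```

Only the key holder can decrypt the aggregate; the party doing the arithmetic handles ciphertexts throughout.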
Q. What does the next year look like when it comes to ransomware, and the volume of malicious attacks? And what should healthcare provider organizations be doing to prepare?
A. The industries most impacted by ransomware are the public sector, professional services and healthcare. In addition to the perception these industries can pay ransom, they tend to store large amounts of data and safety measures are not as good as they should be.
Bottom line – no industry is immune from ransomware attacks, but these are the most vulnerable. Also, companies with 1,000 employees or fewer account for nearly 70% of ransomware attacks. With emerging variants always on the rise and attack vectors getting more sophisticated, it’s safe to say ransomware attacks will continue to plague healthcare providers and society as a whole.
There are three interesting factors at play – the U.S. government is determined to go after cybercriminals behind ransomware; there is increased international cooperation; and new regulations might get approved to track bitcoins and other digital currencies.
All together, these should bring down the number of high-profile attacks targeting critical infrastructure, including healthcare. But cybercriminals are not going to go away that easily. They might just change their tactics. Instead of targeting larger organizations and demanding seven-figure ransoms, they might just target a larger number of smaller organizations and demand only five- and four-figure ransoms to stay below the radar of law enforcement agencies.
To prepare, organizations should perform regular data backups and integrity checks of those backups and provide security awareness training to employees to avoid phishing and other social engineering tactics.
Additionally, there should be a patch management system and discipline in place. Finally, limiting privileges to access files and directories also is essential to mitigate lateral movement of attackers if they were to breach non-privileged user accounts.
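One way to carry out the backup integrity checks recommended in the answer above, as an added example that is not part of the interview: a SHA-256 manifest of the backup tree, authenticated with an HMAC key assumed to be stored away from the backup host, then re-verified later. File names, the key and the function names are constructed for illustration.

```python
import hashlib, hmac, json, os, tempfile

def _hash_tree(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    digests = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:   # whole-file read is fine for a demo
                digests[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return digests

def _mac(key, files):
    payload = json.dumps(files, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

def build_manifest(root, key):
    """Run right after the backup completes; store the result off the backup host."""
    files = _hash_tree(root)
    return {"files": files, "mac": _mac(key, files)}

def verify_backup(root, manifest, key):
    """Return a list of findings; an empty list means the backup matches the manifest."""
    if not hmac.compare_digest(_mac(key, manifest["files"]), manifest["mac"]):
        return ["MANIFEST_TAMPERED"]       # do not trust any digest in it
    current = _hash_tree(root)
    findings = []
    for rel, digest in sorted(manifest["files"].items()):
        if rel not in current:
            findings.append("MISSING " + rel)
        elif current[rel] != digest:
            findings.append("MODIFIED " + rel)
    extra = sorted(set(current) - set(manifest["files"]))
    return findings + ["UNEXPECTED " + rel for rel in extra]

def demo():
    """Constructed scenario: verify a clean backup, then one altered after the fact."""
    key = b"constructed-demo-key"
    with tempfile.TemporaryDirectory() as root:
        for name, data in {"ehr.db": b"records", "pacs.idx": b"images"}.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        manifest = build_manifest(root, key)
        clean = verify_backup(root, manifest, key)
        with open(os.path.join(root, "ehr.db"), "wb") as fh:
            fh.write(b"\x00overwritten\x00")
        os.remove(os.path.join(root, "pacs.idx"))
        with open(os.path.join(root, "new_file.txt"), "wb") as fh:
            fh.write(b"x")
        return clean, verify_backup(root, manifest, key)
```

A scheduled job that alerts on any non-empty result turns the check into a routine control rather than something discovered during a restore.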
Q. What other cybersecurity developments do you think will be important for healthcare in 2022?
A. As the internet of things continues to expand its reach in the real world, including the medical field, IoT security will also need to be prioritized by healthcare providers. Thousands of devices that comprise the internet of things must be protected – that includes items you may find in hospitals and healthcare centers, such as infusion pumps and remote patient monitoring devices, among others.
As tech expands, other intelligent medical equipment also will need to be safeguarded, as well as things we may use every day, from smart elevators to smart HVAC systems.