The sheer volume and complexity of the data held within the UK healthcare sector makes it a challenge to keep secure. Research from a survey we conducted recently revealed that 67% of healthcare organizations in the UK have suffered a cybersecurity incident in the last 12 months.
With the introduction of new data regulations and new technologies across the healthcare supply chain, and with the continuing move towards digital transformation, the industry keeps exposing itself to potential cyber-attacks. Our research, which surveyed senior IT decision makers in UK healthcare organizations, uncovered the top 5 cybersecurity risks threatening the sector:
1. Introduction of viruses/malware from third-party devices
48% of all healthcare cyber incidents in the last 12 months have been the result of malware or viruses introduced to the network by third-party devices.
These devices can be anything from removable media such as a USB stick to an IoT device connected to the network. Given the complexity of healthcare networks and the prevalence of these devices, it is often difficult for IT security teams to keep track of everything connected to the network. For that very reason, healthcare organizations need to treat unmanaged endpoints as one of the biggest threats to their organization. Every device connected to the network creates another potential entry point, or point of origin, for security threats. No matter how well secured email and web channels are against malware, if there is an open back door in the form of a third-party device, the entire organization remains at risk.
Clearswift’s Endpoint Data Loss Prevention (DLP) solution is designed to mitigate the threat of malicious content entering networks via third-party devices. It controls which devices can be connected to the network and what content (files) can be copied to and from them, encrypting the data where necessary so that it cannot be read if the device is lost or stolen.
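The device-control part of that description, as an added example that is not Clearswift's product code: the script below parses the lines a Linux kernel logs when USB devices enumerate and decides per device whether it may stay connected. The log sample, the allowlist and the function names are constructed for this illustration. The point it makes is that matching on vendor and product IDs alone is not a control, because a hostile device chooses those IDs itself; the allowlist therefore pins the serial number as well.

```python
"""Removable-device allowlisting over constructed Linux kernel log lines.
Added illustration, not Clearswift code; log sample, allowlist and names are assumed."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample of what the kernel prints when USB devices enumerate.
SAMPLE_KERNEL_LOG = """\
[  101.1] usb 1-1: new high-speed USB device number 3 using xhci_hcd
[  101.2] usb 1-1: New USB device found, idVendor=0781, idProduct=5583, bcdDevice= 1.00
[  101.3] usb 1-1: Product: Ultra Fit
[  101.4] usb 1-1: SerialNumber: 4C530001230101115432
[  102.1] usb 1-2: new high-speed USB device number 4 using xhci_hcd
[  102.2] usb 1-2: New USB device found, idVendor=0781, idProduct=5583, bcdDevice= 1.00
[  102.3] usb 1-2: Product: Ultra Fit
[  102.4] usb 1-2: SerialNumber: 4C530009999999999999
[  103.1] usb 1-3: New USB device found, idVendor=1d6b, idProduct=0104, bcdDevice= 5.04
[  103.2] usb 1-3: Product: Multifunction Composite Gadget
"""

# Assumed allowlist: (idVendor, idProduct, serial number) of media the trust issued.
ALLOWLIST = {("0781", "5583", "4C530001230101115432")}

NEW_DEVICE = re.compile(
    r"usb (?P<path>[\d.-]+): New USB device found, "
    r"idVendor=(?P<vid>[0-9a-f]{4}), idProduct=(?P<pid>[0-9a-f]{4})")
SERIAL = re.compile(r"usb (?P<path>[\d.-]+): SerialNumber: (?P<serial>\S+)")


@dataclass
class UsbDevice:
    path: str
    vendor: str
    product: str
    serial: Optional[str] = None


def parse_usb_events(log: str) -> List[UsbDevice]:
    """Assemble one record per bus path from the multi-line enumeration output."""
    devices: Dict[str, UsbDevice] = {}
    for line in log.splitlines():
        m = NEW_DEVICE.search(line)
        if m:
            devices[m["path"]] = UsbDevice(m["path"], m["vid"], m["pid"])
            continue
        m = SERIAL.search(line)
        if m and m["path"] in devices:
            devices[m["path"]].serial = m["serial"]
    return list(devices.values())


def decide(dev: UsbDevice) -> str:
    """Allow only an exact (vendor, product, serial) match.

    Vendor/product IDs are reported by the device firmware, so a hostile
    device can claim any model it likes; only the pinned serial distinguishes
    the issued stick from a look-alike.
    """
    if (dev.vendor, dev.product, dev.serial) in ALLOWLIST:
        return "allow"
    if any(v == dev.vendor and p == dev.product for v, p, _ in ALLOWLIST):
        return "block: known model, unregistered serial"
    return "block: not on allowlist"


def evaluate_log(log: str) -> Dict[str, str]:
    """Map each bus path seen in the log to its verdict."""
    return {dev.path: decide(dev) for dev in parse_usb_events(log)}


if __name__ == "__main__":
    for path, verdict in evaluate_log(SAMPLE_KERNEL_LOG).items():
        print(f"usb {path}: {verdict}")
```

Run against the sample, the first stick is allowed, the second (same model, unknown serial) is blocked, and the composite gadget, which has no entry at all, is blocked. In production the verdict would drive a udev rule or an endpoint agent; here it is returned so it can be checked.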
2. Employees sharing information with unauthorized recipients
According to our research, over a third (39%) of breaches within the healthcare sector occurred as a result of employees sharing sensitive data with unauthorized recipients. While most of these incidents are likely the result of human error rather than malicious intent, they illustrate how easily an organization’s compliance can be put at risk by a single click. Under GDPR, sending patient data to an employee or supplier who is not authorized to access it can expose the organization to a fine of up to €20 million or 4% of global annual turnover, whichever is larger.
To help combat this threat, healthcare organizations need to adopt a more cyber-aware culture. Employees should be at the core of any data protection strategy, so it is critical that employees are educated to know and understand security policies – both organizationally and from a wider industry perspective – and how to handle data securely.
Data Loss Prevention (DLP) technology can also be deployed as an additional safety net for when accidents do occur. For example, encrypting messages based on direction and policy (e.g. an outbound message that includes PII or other sensitive data) would at least prevent them from being read by the wrong people.
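What "encrypt based on direction and policy" looks like as a rule, as an added example that is not Clearswift's DLP engine: the script below classifies each message as internal or outbound, looks for NHS numbers in it, and returns allow, encrypt or block. The internal domain, the bulk threshold, the sample messages and the NHS numbers in them are constructed for this illustration; the NHS number check digit is the published Modulus 11 scheme. Validating the check digit is what keeps invoice and order references from triggering the policy, which is the difference between a DLP rule staff tolerate and one they route around.

```python
"""Direction- and content-aware outbound mail policy for NHS numbers.
Added illustration, not Clearswift code; domains, threshold and messages are assumed."""
import re
from dataclasses import dataclass
from typing import Dict, List

INTERNAL_DOMAINS = {"trust.example.nhs.uk"}  # assumed
BULK_THRESHOLD = 5                           # assumed policy limit

# Ten digits, optionally grouped 3-3-4 with spaces or hyphens.
NHS_CANDIDATE = re.compile(r"\b(\d{3})[ -]?(\d{3})[ -]?(\d{4})\b")


def nhs_check_digit_valid(digits: str) -> bool:
    """Modulus 11: weight the first nine digits 10..2, check = 11 - (sum mod 11).
    A result of 11 means check digit 0; a result of 10 means the number is never valid."""
    if len(digits) != 10 or not digits.isdigit():
        return False
    total = sum(int(d) * (10 - i) for i, d in enumerate(digits[:9]))
    check = 11 - (total % 11)
    if check == 11:
        check = 0
    if check == 10:
        return False
    return check == int(digits[9])


def find_nhs_numbers(text: str) -> List[str]:
    """Distinct checksum-valid NHS numbers; format-only look-alikes are dropped."""
    found: List[str] = []
    for m in NHS_CANDIDATE.finditer(text):
        digits = "".join(m.groups())
        if nhs_check_digit_valid(digits) and digits not in found:
            found.append(digits)
    return found


@dataclass
class Message:
    sender: str
    recipients: List[str]
    subject: str
    body: str


def is_outbound(msg: Message) -> bool:
    """Outbound if any recipient is outside the organization's own domains."""
    return any(r.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS
               for r in msg.recipients)


def evaluate(msg: Message) -> Dict[str, object]:
    """Allow internal mail; encrypt outbound mail carrying patient identifiers;
    block outbound mail carrying a bulk of them, which is never routine."""
    numbers = find_nhs_numbers(msg.subject + "\n" + msg.body)
    outbound = is_outbound(msg)
    if not outbound or not numbers:
        action = "allow"
    elif len(numbers) >= BULK_THRESHOLD:
        action = "block"
    else:
        action = "encrypt"
    return {"direction": "outbound" if outbound else "internal",
            "nhs_numbers": len(numbers), "action": action}


# Constructed messages; the NHS numbers are synthetic but checksum-valid.
SAMPLE_MESSAGES = [
    Message("gp@trust.example.nhs.uk", ["clinic@trust.example.nhs.uk"],
            "Referral", "Patient NHS number 943 476 5919, see attached."),
    Message("gp@trust.example.nhs.uk", ["orders@supplier.example.com"],
            "Wheelchair fitting", "Please contact patient 943-476-5919 directly."),
    Message("finance@trust.example.nhs.uk", ["orders@supplier.example.com"],
            "Invoice", "Order ref 1234567890, account 9434765918."),
    Message("gp@trust.example.nhs.uk", ["me@webmail.example.org"],
            "Clinic list", "9434765919 4857773457 6123456784 7209384162 3056129745"),
]

if __name__ == "__main__":
    for m in SAMPLE_MESSAGES:
        print(m.subject, evaluate(m))
```

The third message carries two ten-digit numbers that look like NHS numbers but fail the check digit, so it passes without encryption; the fourth carries a whole clinic list to a personal webmail address and is blocked rather than merely encrypted, because encryption protects data in transit but does nothing about the wrong recipient holding it.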
3. Users not following protocol/data protection policies
Another key threat for the healthcare sector, identified by 37% of respondents, is employees not following protocol or data protection policies. This covers general regulations such as GDPR as well as more industry-specific ones such as the Health Service (Control of Patient Information) Regulations and HIPAA. Again, much as with accidental data loss, the risk is reduced by regular training that improves employees’ understanding of the policies and of the procedures to follow when a policy is breached, backed by technology that minimizes the impact when it is.
Clearswift’s Discover, Secure and Govern approach adopts real-time monitoring and unique adaptive security features to help to keep the organization compliant with regulations and ensure it remains this way when policies change.
4. Links (URLs) in emails/social media posts
28% of those we surveyed identified malicious content entering the network via links in emails or social media posts as a key threat. Cybercriminals target employees in the hope that they click on the URL; once an employee’s account or machine is compromised, the attacker can reach sensitive information or release malware onto the network. While phishing campaigns are not new, our research suggests they remain a key cybersecurity issue within the sector.
To mitigate the risk, healthcare organizations can implement email and web security solutions that identify active content and disable or rewrite URLs before the message reaches the user. Automatic sanitization cleanses URLs embedded within email messages and documents, so that a safe version of the message is delivered.
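One concrete form of that sanitization, as an added example that is not Clearswift's gateway code: the parser below rewrites an HTML email on delivery. It drops script and other active elements, strips inline event handlers, neutralizes non-http schemes such as javascript:, rewrites every http(s) link through a click-time checking redirector, and flags the classic lure where the visible link text shows one domain while the href points at another. The redirector address (REWRITE_BASE), the sample message and the function names are assumptions made for this example.

```python
"""Rewrite-on-delivery sanitizer for HTML email.
Added illustration, not Clearswift code; REWRITE_BASE and the sample message are assumed."""
import re
from html import escape
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from urllib.parse import quote, urlparse

REWRITE_BASE = "https://safelinks.example/check?u="   # hypothetical redirector
ACTIVE_TAGS = {"script", "iframe", "object", "embed", "applet"}
ALLOWED_SCHEMES = {"http", "https", "mailto", "cid"}  # cid: = inline image
# Link text that itself looks like a URL or hostname (group 1 = shown host).
LOOKS_LIKE_URL = re.compile(r"^(?:https?://)?([\w-]+(?:\.[\w-]+)+)(?:[/?#]\S*)?$", re.I)


class EmailSanitizer(HTMLParser):
    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)
        self.out: List[str] = []
        self.findings: List[str] = []
        self._skip = 0                      # nesting depth inside a removed tag
        self._href: Optional[str] = None    # original href of the open <a>
        self._text: List[str] = []          # visible text of the open <a>

    def _rewrite_url(self, url: str, tag: str) -> str:
        scheme = urlparse(url.strip()).scheme.lower()
        if scheme and scheme not in ALLOWED_SCHEMES:
            self.findings.append(f"disabled {scheme}: URL on <{tag}>")
            return "#"                       # link stays visible but inert
        if scheme in ("http", "https"):
            return REWRITE_BASE + quote(url.strip(), safe="")
        return url

    def _emit_tag(self, tag, attrs, self_closing):
        if tag in ACTIVE_TAGS:
            self.findings.append(f"removed <{tag}>")
            if not self_closing:
                self._skip += 1              # swallow everything up to the end tag
            return
        if self._skip:
            return
        parts = [tag]
        for name, value in attrs:            # HTMLParser lower-cases names for us
            if name.startswith("on"):
                self.findings.append(f"stripped {name} on <{tag}>")
                continue
            if name in ("href", "src") and value is not None:
                if tag == "a" and name == "href":
                    self._href, self._text = value, []
                value = self._rewrite_url(value, tag)
            parts.append(name if value is None else f'{name}="{escape(value, quote=True)}"')
        self.out.append("<" + " ".join(parts) + ("/>" if self_closing else ">"))

    def handle_starttag(self, tag, attrs):
        self._emit_tag(tag, attrs, False)

    def handle_startendtag(self, tag, attrs):
        self._emit_tag(tag, attrs, True)

    def handle_endtag(self, tag):
        if tag in ACTIVE_TAGS:
            self._skip = max(0, self._skip - 1)
            return
        if self._skip:
            return
        if tag == "a" and self._href is not None:
            self._check_link_text()
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if self._skip:
            return
        if self._href is not None:
            self._text.append(data)
        self.out.append(escape(data, quote=False))

    def _check_link_text(self):
        """Flag the lure where the text shows one domain and the href goes to another."""
        m = LOOKS_LIKE_URL.match("".join(self._text).strip())
        actual = urlparse(self._href).hostname
        if m and actual and m.group(1).lower() != actual.lower():
            self.findings.append(f"link text {m.group(1)} points to {actual}")
        self._href, self._text = None, []


def sanitize_email_html(html: str) -> Tuple[str, List[str]]:
    """Return the rewritten HTML and the list of things that were changed."""
    p = EmailSanitizer()
    p.feed(html)
    p.close()
    return "".join(p.out), p.findings


# Constructed phishing-style message.
SAMPLE_EMAIL = """<p>Dear colleague,</p>
<p>Your mailbox is full. <a href="http://nhs-login.evil.example/reset?u=123" onclick="track()">www.nhs.uk/reset</a></p>
<script>document.location='http://nhs-login.evil.example/x'</script>
<img src="cid:logo01"/>
<p><a href="javascript:alert(1)">Unsubscribe</a></p>
"""
```

Calling sanitize_email_html(SAMPLE_EMAIL) returns the rewritten message plus four findings: the onclick handler stripped, the www.nhs.uk link text that actually points at nhs-login.evil.example, the script block removed, and the javascript: link disabled. The findings are what a gateway would log or use to quarantine; the rewritten links are what lets the message still be delivered, with the verdict deferred to the moment of the click.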
5. Downloading files/images
In a similar vein, a further 28% saw downloading files or images as a key cybersecurity threat. Much like links, files and images can be weaponized by cybercriminals and used to gain access to sensitive information on the network or to release malware.
To help combat this threat, DLP solutions can be deployed to detect harmful payloads in documents and images and to scan for sensitive metadata that could put the healthcare organization at risk. Images are a particular concern because attacks using steganography, a technique where data or malware is concealed within an image, are on the rise.
Clearswift’s anti-steganography feature automatically sanitizes images flowing in and out of the network, mitigating the risk of malware entering the network through a weaponized image.
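Why sanitizing an image works even when nothing is detected, as an added example that is not Clearswift's engine: the script below hides a payload in the least significant bit of each colour channel of a constructed 64x64 RGB gradient, recovers it, then scrubs the image by overwriting every LSB with a random bit and shows the payload is gone while no channel value moved by more than 1. The cover image, the payload string and the function names are assumptions made for this example. LSB replacement is the simplest embedding scheme; a gateway would normally re-encode or resample the whole image, which also disturbs schemes that hide data in transform coefficients rather than raw pixel bits, but the principle is the same: the sanitizer does not need to find the hidden data, only to destroy the channel it rides on.

```python
"""LSB steganography and the scrub that defeats it, on a constructed image.
Added illustration, not Clearswift code; cover image and payload are synthetic."""
import random
from typing import Dict, Optional

WIDTH, HEIGHT = 64, 64
PAYLOAD = b"constructed payload: stands in for a hidden second stage"


def make_cover() -> bytes:
    """Raw RGB channel bytes of a synthetic gradient (no file format needed)."""
    return bytes((x * 4 + y * 2 + c * 7) & 0xFF
                 for y in range(HEIGHT) for x in range(WIDTH) for c in range(3))


def embed_lsb(pixels: bytes, payload: bytes) -> bytes:
    """Hide a length-prefixed payload one bit per channel byte, in the LSB."""
    data = len(payload).to_bytes(4, "big") + payload
    bits = [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("cover too small for payload")
    out = bytearray(pixels)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)


def extract_lsb(pixels: bytes) -> Optional[bytes]:
    """Reassemble bytes from the LSBs; None if the length prefix cannot fit."""
    def read(n_bytes: int, bit_offset: int) -> bytes:
        out = bytearray()
        for b in range(n_bytes):
            byte = 0
            for i in range(8):
                byte = (byte << 1) | (pixels[bit_offset + b * 8 + i] & 1)
            out.append(byte)
        return bytes(out)

    length = int.from_bytes(read(4, 0), "big")
    if length > (len(pixels) - 32) // 8:
        return None
    return read(length, 32)


def scrub_lsb(pixels: bytes, rng: Optional[random.Random] = None) -> bytes:
    """Sanitize by overwriting every LSB with a random bit. The covert channel is
    destroyed, no channel value moves by more than 1, and (unlike zeroing the
    LSBs) the result carries no tell-tale all-even fingerprint."""
    rng = rng or random.SystemRandom()
    return bytes((p & 0xFE) | rng.getrandbits(1) for p in pixels)


def max_channel_delta(a: bytes, b: bytes) -> int:
    return max(abs(x - y) for x, y in zip(a, b))


def demo() -> Dict[str, object]:
    """Embed, extract, scrub, extract again; report what survived and how much changed."""
    cover = make_cover()
    stego = embed_lsb(cover, PAYLOAD)
    clean = scrub_lsb(stego)
    return {
        "recovered_from_stego": extract_lsb(stego) == PAYLOAD,
        "recovered_after_scrub": extract_lsb(clean) == PAYLOAD,
        "max_delta_embed": max_channel_delta(cover, stego),
        "max_delta_scrub": max_channel_delta(stego, clean),
    }


if __name__ == "__main__":
    print(demo())
```

The embedding changes the cover by at most one level per channel, which is exactly why it is invisible to a viewer and to most scanners; the scrub costs the image the same one level and leaves nothing to recover.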