
The health sector, a strategic issue for governments and a target for cybercriminals

Healthcare organizations are among the organizations that host the most confidential data and, as such, represent a particularly attractive target. Indeed, the details contained in medical records are a boon for identity theft and are resold on the dark web at prices higher than any other type of data. According to ANSSI, healthcare is the third sector most affected by cyber risk, and healthcare institutions represent 10% of victims of ransomware attacks. These are alarming figures, reflecting a high risk of paralysis of healthcare services, endangering lives and therefore, indirectly, political stability.

The integration of digital tools in an anchored sector

In recent years, the pace of digital transformation in the healthcare sector has accelerated in an effort to improve operations, notably thanks to the sustained adoption of the cloud. Like electronic records, clinical and medical practice management software has migrated to the cloud, with new applications regularly being deployed to improve the efficiency of healthcare teams and services. Facilitating the exchange of information between medical entities, but also between them and key stakeholders, such as health insurance companies or digital identification services, requires technical integrations generally carried out on the cloud.

While the cloud is proving particularly useful in helping healthcare organizations achieve their digital objectives, its ubiquity also introduces new risks. Cyberattackers target this environment to drop their payloads and infect industry players. According to our research, half of the malware downloaded by professionals comes from the cloud applications they use for their work.

Furthermore, the workforce configuration raises security challenges. Indeed, an employer must anticipate potential problems for dozens of different disciplines and scenarios: healthcare workers often work in multiple locations, sometimes with different teams, in external laboratories or universities when collaborating on a research project. Frontline healthcare workers, constantly on the move to meet the needs of their patients, may be accessing and viewing confidential medical data or documents from locations, devices, and networks with extremely variable levels of security.

A Balance Between Modernization and Security

Essential in this context, digital transformation cannot take place without a maximum level of security. Indeed, the increasing complexity of corporate networks—as well as the constant evolution of work conditions, environments, and behaviors—gives rise to new risk factors and new vulnerabilities that cybercriminals are able to identify and exploit with ease.

Today, a modern workplace must benefit from equally modern security, especially when the activity is the core target of cybercriminals. Healthcare organizations struggling to identify and anticipate the risks and vulnerabilities they face should turn to companies that can audit the security of their technology infrastructure and recommend improvements.

As a first step, they can implement an architecture that provides panoramic visibility of the network and its traffic, as well as detection capabilities to identify suspicious activity. In addition, priority should be given to data loss prevention (DLP) tools to prevent sensitive data from leaking outside the organization. Finally, they should deploy a zero trust strategy that limits employee access to only the systems and data necessary to perform their jobs.

Prioritize a national strategy

Public funding is an essential pillar of the healthcare system in France, a country that has always devoted a significant portion of its budget to this sector, with €325 billion spent in 2023 according to the DREES (Directorate of Research, Studies, Evaluation and Statistics). However, the share allocated to cybersecurity is a decision that falls to industry. The French government has taken several initiatives to promote collaboration and intelligence sharing between the various players in the sector, through benchmarks and qualifications for cloud services (SecNumCloud), security audit activities (PASSI), detection (PDIS), and incident response (PRIS), supervised by ANSSI. The aim is not to spend more on healthcare, but to ensure that part of the existing budget is dedicated to improving its digital security.

To address the growing cyberthreat in healthcare, the public sector has developed the CaRE program (Cybersecurity Acceleration and Resilience of Establishments), based on four pillars: governance and resilience, resources and pooling, awareness raising, and operational security. The aim is to improve digital security in this sector, in order to guarantee the confidentiality of medical data and ensure continuity of care.
