With ransomware attacks now prevalent across healthcare and IoT devices extremely vulnerable, vendors continue to make cybersecurity investments to protect their patient data and organization. But is this enough?
As cyber attacks explode, hospitals and health systems should also do better threat analysis and be more keen on cross-cyber attacks, industry collaboration and greater vigilance about basic cyber hygiene, according to Taylor Lehmann, chief of staff at Google Cloud.
Lehmann served as CISO for Wellforce (now known as Tufts Medicine) and CISO for athenahealth, and is a co-founder and board member of the provider’s third-party risk management committee, the Health Information Sharing and Analysis Center, or Health-ISAC.
He talks to Medical IT News about cyber-attack risk, collaboration and transparency, industry intelligence, Google’s Health-ISAC partnership, and responsibility for developing and improving cloud security.
Q. The healthcare industry is under relentless attack. What needs to happen to fight back?
A. Like many industries considered critical infrastructure, healthcare needs to prioritize building resilient system architectures, teams and processes to manage and continuously improve them.
As we discussed in our Google Cloud blog about building resilience in healthcare, we believe efforts should be focused on building visibility and structural awareness of systems, including software, and analyzing their risks.
The threat model is then used to identify and structure risks, which then inform defense strategies.
Finally, use techniques such as tabletop exercises, purple teaming, etc. to establish mechanisms for stress testing and measuring the effectiveness of these defenses.
Selecting and tracking improvements using popular control frameworks, such as the NIST Cybersecurity Framework, can also help manage progress. As part of these efforts, organizations should look for opportunities to automate the delivery of security controls and ongoing assurance.
Q. If cooperation between industry leaders, governments and tech companies is the pathway to defending against these attacks, then what are the barriers to cooperation?
A. Collaboration is one of several important factors that can help industries become more resilient.
In many cases, effective collaboration requires a high degree of transparency between organizations. This could include shared threat models, highly sensitive information, or indicators of compromise, which could indicate that the intelligence-generating organization has been successfully attacked.
This may draw attention to other threats to the organization and motivate it to become active.
Establishing trust and verification mechanisms also takes time, and is often expensive and difficult to scale. That’s why organizations like Health-ISAC exist to help their member organizations share information more automatically and securely.
Q. Given your experience in healthcare cybersecurity, what is your overall vision for integrating cybersecurity into the healthcare system?
A. The healthcare industry employs some of the most sophisticated technologies known to man. Few other industries produce technology implanted in humans to sustain life, so the stakes are high.
We’ve discussed it in the blog, but to quickly summarize, we need to understand the threats facing industry organizations, understand how they work and make a difference, and learn from these events to drive an increasingly data-driven approach to risk management planning and defense strategies.
Organizations should carefully assess their trust in suppliers and partners and ensure they are getting better and better security, powered by new technologies driven by these organizations.
Finally, I see vendors and partners taking a more active role in helping healthcare organizations achieve high security instead of continuing to hide behind a shared responsibility model that makes cloud security incomprehensible.
Q. Can you tell readers about the Health-ISAC partnership and how healthcare systems will benefit from it?
A. The Health-ISAC partnership is an excellent place for organizations to share intelligence about the cyber threats they see and how they can counter them.
Cybercriminals want healthcare organizations to be in isolation because that makes it more likely that an attack on one healthcare system would work against another.
But if all health systems are constantly communicating what they are seeing and how they are better prepared and better able to defend against attacks
As new ambassadors, we are working closely with Health-ISAC to identify a set of resources, including people and technology, that Google Cloud can provide and make available to Health-ISAC.
Q. With regard to medical devices, what threats should healthcare IT and information security leaders prioritize as they prepare to integrate and secure device healthcare data?
A. MITRE has published a good guide on this topic. Using a structured threat modeling approach should yield a fairly consistent set of realistic and significant recommendations to address the results of the threat modeling exercise.
Healthcare IT professionals should be very familiar with how medical devices are created, tested, shipped, and monitored. They should have a deep understanding of and prioritize hardware and software, including cloud service providers.
Threat models should be generated and regularly updated as threats change and over the actual useful life of the medical device, a machine or system that processes health records.
Andrea Fox is a Senior Editor for Healthcare IT News.
Healthcare IT News is a HIMSS publication.