Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Girish Raghavan, GE HealthCare on key ways to strengthen cyber resilience in healthcare sector

Girish Raghavan, GE HealthCare on key ways to strengthen cyber resilience in healthcare sector

Girish Raghavan, GE HealthCare on key ways to strengthen cyber resilience in healthcare sector

By Girish Raghavan,

Girish Raghavan, GE HealthCare on key ways to strengthen cyber resilience in healthcare sector
We live in times when complexity is the new normal. The healthcare sector, particularly, has survived the most complexities in the last few years. The pandemic demanded more, and the reliance on digital shifted gears overnight. Now, simple as it is, cyber is a space pounding with threats.

The healthcare industry has been on the receiving end of multiple high-profile cyber-attacks putting patients’ safety at risk. We live in times when Electronic Medical Records are picking pace, and digital health is becoming a new reality. It means that information of high monetary and intelligence value— patients’ protected health, financial and personal identifying information, and intellectual property related to medical research and innovation- are all in the digital space. If not protected, it could mean the collapse of a complete ecosystem.

Between 2009 and 2022, 5,150 healthcare data breaches of 500 or more records have been reported to the HHS’ Office for Civil Rights. Those breaches have resulted in the exposure or impermissible disclosure of 382,262,109 healthcare records. The recent cyberattack on India’s top hospitals compromised the health data of millions of patients, from those who live in extreme poverty to high-profile bureaucrats.

Losing access to medical records and lifesaving medical devices hampers effective patient care, jeopardising patient safety and care delivery. Access to private patient data not only enables hackers to steal information but also alter data, which could result in severe effects on healthcare outcomes.

Even as cybersecurity experts blamed system failures and process-level data security gaps, the buck doesn’t stop here. As the pace of healthcare digitisation accelerates, it is imperative that we identify and comprehensively address the gaps.

Cyber Attacks threatening Medical Devices: Clinical outcomes follow

Virtually any medical device that connects to a wireless network is a potential target today.
Modern medical devices collect and transmit everything from biometric data, vital stats, medical history, and even billing data across departments. The data may be processed and stored in other devices, onsite or in the cloud. This information could fall prey to identity theft and counterfeiting in the wrong hands. The safety of medical devices is critical to patient safety.

There are possibilities where hackers can target third-party software hospitals to integrate medical devices from different manufacturers. Clearly, there is no room for complacency, and therefore, hospitals need to apply IT risk assessment and data security processes without exception.

Strengthening Cyber Security Resilience in Healthcare

Hospitals may soon have to pay penalties worth crores of rupees for failing to protect patient data. Under the Digital Information Security in Healthcare Act (DISHA) expected to be tabled in Parliament soon, the government proposes to set up a dedicated National Electronic Health Authority (NEHA). This regulatory body will regulate digital health products and services in the country. The entire digital healthcare value chain would come under its ambit – from the manufacturer to the end-user.

Cybersecurity Awareness Month reminds healthcare institutions to understand the threat’s evolutionary and persistent nature. It is time we integrated cybersecurity into the very fabric of our organisations. Remember, this is a constant game of cat and mouse where piecemeal efforts won’t be enough. Hospitals need an end-to-end IT risk and compliance process- preferably led by a full-time Cybersecurity Director or equivalent – as part of their operation structure.

The first step is to inventory all the devices you use and plan for contingencies in the event of an attack. Hospitals must also institute cyber security Standard Operating Procedures (SOPs) for their teams. For example, employees must be trained to identify and report phishing emails – a standard modus operandi used by hackers – to designated persons.

Though it may appear innocuous, a phishing attack can allow hackers to take over the entire network, blocking access to patient files. Tell-tale signs include suspicious-looking sender names, attachments, emails asking for passwords, etc. Secondly, all computers and servers should have multi-factor authentication enabled. Employees must be discouraged from sharing their login credentials.

Hospital management must conduct regular audits to assess cyber security compliance and emphasise its importance during team huddles and new-hire briefings. Firewalls and antivirus software should be updated regularly, and spam blockers should be used throughout the premises. Running mock drills can help prepare employees for actual emergencies. Remember, luck favours the prepared!

With the rapid adoption of AI and automation, the future of healthcare will be highly connected. Fully autonomous medical robots are already being trialled in the West. If the last decade indicates, this will bring new challenges for the industry in the years ahead. So, it is imperative that we proactively assess and mitigate the risk from hackers. It’s not a one-time affair. Investing in the latest technology and training can bring compounded returns over time regarding patient safety, regulatory compliance, and market reputation – take action today.

The author is VP – Engineering at GE HealthCare.

Disclaimer: The views expressed are solely of the author and ETCIO.com does not necessarily subscribe to it. ETCIO.com shall not be responsible for any damage caused to any person/organization directly or indirectly.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket