Brad Brooks is CENSYS CEO.
Hospitals, care clinics, and other medical institutions manage vast amounts of patient data, clinical information, and medical records. Unfortunately, this will be a major target of cyber attacks, especially ransomware. Cyber criminals use the vulnerabilities of networks, systems, and devices, and often feel the pressure of medical providers paying ransom to protect patient care and privacy.
As emphasized in recent research, the scale of the assignment is important.
• Data infringement is increasing. In 2023, the Healthcare organization reported a 747 infringement (277 in 2013), including at least 500 records, according to data from the US Health and Welfare (HHS) edited by the HIPAA Journal.
• The impact is increasing. On average, each violation in 2023 had a record of about 300,000, and had more than 160 million per year.
• Ransomware is extended RAMP. According to the FBI Internet criminal report, ransomware has experienced nearly 250 ransomware cases in 2023 and leads all important infrastructure.
• Costs are amazing. The cost of healthcare data infringement is $ 9.77 million. The average cost of all industries is postponed for each cost of IBM's 2024 data infringement report.
In our survey, the estimated 14,000 unique IP address linked to healthcare devices and systems revealed a system that could publish sensitive medical data, further increasing the risk of compromise.
The meaning is beyond economic losses. Cyber criminals are focusing on the confusion of paid ransom or the confusion of strategy for infamous, with little consideration of patient's potential harm to happiness.
So why is health care so vulnerable? Some factors come out:
• Odorable systems and practice: Many medical institutions are dependent on legacy systems and may lack resources to implement basic security measures.
• Restricted Training: The restrictions on the budgets of thousands of large -scale organizations or small organizations are difficult to provide consistent and latest security training.
• Third -party risks: Even if the organization maintains powerful security practices, it remains vulnerable to violations through low -safe vendors and partners.
• Fascinating goals: Hospitals give priority to patient care over operation downtime, making it attractive that the attacker is seeking a quick ransom payment.
In order to protect these threats better, medical institutions can take executable measures.
• Achieve comprehensive assets visibility: monitor and protect all connected assets, from cloud environments to IoT devices and on -premises systems.
• Effective for risks: Focus on protecting assets that are most valuable for the attacker and assets that are the most damaged if they are infringed.
• Use advanced threat detection: Use continuous scan and real -time evaluation to actively identify and solve vulnerabilities.
• Enhancement of access control: Implement strict access management so that only approved staff can interact with confidential data or devices.
• Protect a supply chain: Verify partner security measures with vendors and use intelligence tools to flag the portrait of third -party systems.
Traditionally, the new doctor has swears Hipocrates when entering a medical profession to “do not harm or fraud.” They also promise to “secret” the personal information of these patients. In the modern world, this means a multilayer protection of healthcare networks, systems and devices.
The healthcare industry mission is to protect and care patients. In today's world, it leads to the protection of digital infrastructure that supports their care. By adopting comprehensive security measures, healthcare providers can focus on the purpose of the core that supports people without threats.
FORBES Technology Council is a community only for invitations for world -class CIOs, CTOs, and technology executives. Do you have a qualification?
