The late 12th century saw the construction of fortified castles in England, with numerous layers of defence. The most powerful strongholds comprised two rings of towered walls and moats which attackers had to go through before even reaching the castle doors, according to English Heritage.
Effective cybersecurity needs to operate on the same principle, says Jonathan Chin, Business Development Manager, OT Security at Fortinet. This is especially vital for industries inherently vulnerable to cyber attacks, like healthcare.
Chin speaks on the prominent threats facing the healthcare industry today as medtech devices become prevalent, and how organisations can fortify their defences as the English fortified their castles.
The concurrent rise of medtech and cyber threats
The rise of medtech devices is leaving the healthcare industry vulnerable to cyber threats. When devices are connected to the internet, “a whole lot of digital attack surfaces are exposed”, highlights Chin.
For instance, devices like blood sugar monitors are now connected to the cloud so physicians can remotely monitor patients. But this leaves the devices open to cyber attacks. If a hacker alters a blood sugar monitoring device to not reflect spikes in blood sugar, doctors can easily misdiagnose patients.
Another innovation in the medtech industry is the use of holoscience. Surgeons currently use them to operate with greater precision as they can visualise a patient’s anatomy in real time, wrote GovInsider. But if attackers infiltrate these devices and distort the image or increase lag time, it can disrupt the operation and result in potentially fatal consequences.
These devices are particularly vulnerable since they are notoriously difficult to protect. Devices like pacemakers are near impossible to patch because they are embedded in a patient’s body. They offer “almost zero protection”, says Chin.
Besides that, many medtech devices also operate in an interconnected network. “If I can disrupt the right one, I can disrupt the whole network,” he adds.
The vulnerability of healthcare institutions
Healthcare organisations are prime targets for cyber attacks as they are a “critical industry”, says Chin. Attacks on healthcare institutions can have dire consequences: “It could result in not just reputational and financial loss, but loss of human lives.”
Another potential cause for concern is data theft. “If I can steal data, I can sell your data on the market for a hefty sum,” he explains. This is especially concerning since health data is regarded as sensitive information.
For instance, attackers may want to obtain the health information of key personnel in a country or organisation. They can release this information to the public, which may implicate the stock market or political stability of a nation.
Creating a defence in depth strategy
To defend inherently vulnerable medtech devices, healthcare institutions need to have multiple layers of defence in what is known as a ‘defence in depth’ strategy. This is similar to how moats, gates, walls, and barricades defend castles, Chin explains.
A good cybersecurity strategy ensures that attackers are met with multiple hurdles if they want to infiltrate a network. This helps organisations to slow down or prevent cybersecurity attacks, he says.
Healthcare institutions need to ensure all their cybersecurity programmes work together to defend medical devices and networks, emphasises Chin. The Fortinet Security Fabric helps them by providing an overview of all their cybersecurity programmes, even if the products are not by Fortinet, he shares.
With the Security Fabric, organisations can manage their cybersecurity programmes as broad categories like security for medtech devices or network access. Life becomes easier because IT teams need not worry about how to update 40 different programmes, he says.
Such programmes can help organisations reduce the financial impact of cyber attacks by an average of 90 per cent, according to technological research firm Gartner.
The Fortinet Security Fabric helped the Children’s Cancer Hospital Foundation in Egypt unite their numerous security providers. This allowed them to not only achieve HIPAA compliance – a globally-recognised standard for protecting sensitive patient information – but also go completely digital while doing so.
Tech defends tech: AI and ML in cyber defence
There is a “dearth of cybersecurity trained engineers” in the market at the moment, Chin points out. Many healthcare institutions have an assortment of cybersecurity programmes, but not enough engineers to manage them.
“There’s not going to be an engineer that can manage 20, 30 cybersecurity products altogether,” he says.
This is where tech like AI can help. AI can detect anomalous activities in an organisation’s network. Fortinet does so by training their programme with 20 million virus signatures. Once the programme detects anything resembling a virus signature, it will flag and block the threat, and send an alert to the security team.
Automation can also help organisations improve efficiency by streamlining processes such as screening logs, says Chin. Logs are probably the hardest thing for any engineer to analyse due to their sheer volume, he explains.
Automated programmes like Fortianalyzer can help to sift through this data and create incident reports in the event of any anomalous activity, reducing the need for human labour. Colombian health insurer Mutual Ser EPS, for example, used Fortianalyzer to monitor potential threats. This freed up their IT teams from constantly having to look out for potential attacks and threats.
Another tool healthcare organisations can use is a programme that automatically detects an infection or unknown files. This programme can determine the origins of anomalies within seconds rather than the days or weeks IT teams previously needed, says Chin.
The duty of healthcare institutions is to treat and protect the wellbeing of patients. This extends not just to physical ailments, but the cyber realm as well. This is why cybersecurity and medtech need to work hand in hand for the good of patients.