
Cyber Security for Healthcare: Top 3 Threats and How to Mitigate Them

March 1, 2017

Let’s face it: cyber security for healthcare is constantly evolving, and cyber threats are only intensifying and occurring more often. Many times an incident starts with an innocent mistake by an employee who accidentally clicks on a phishing link in an email and ends up being a target for ransomware.

Many ransomware attackers have changed their method of attack to encrypt files not just on an individual computer but also on core servers, in order to prevent an entire healthcare organization from accessing shared files and databases. The really malevolent attacks also go after backup repositories that might ordinarily be used to restore data.

Last year, a hospital in Los Angeles was basically paralyzed for over a week while hackers demanded millions of dollars in ransom to return access to its email and electronic health records.

After considering the highest threats and associated risk exposure, Red Trident has come up with the top three considerations for healthcare organizations:

Cyber Security Issue #1: Unprotected Endpoints in the Healthcare Industry

Effectively managing and controlling endpoints should be one of the top considerations when dealing with cyber security threats for healthcare organizations.

How to Solve:

Application whitelisting solutions should be considered as a mitigation approach. This strategy helps to apply and enforce access control policies and practices. Implement antivirus/antimalware solutions that have advanced threat detection capabilities such as neural network algorithms, artificial intelligence, or behavior monitoring, and tie them into a security information and event management (SIEM) solution.

Cyber Security Issue #2: Don’t Forget About ICS & Medical Devices

Most traditional IT solutions don’t address the spectrum of cyber security issues associated with industrial control systems (ICS) endpoints. Medical devices such as wearable devices and medical systems with embedded controllers or processors all create new vulnerabilities and attack vectors. Industrial control systems (ICS) include equipment such as supervisory control and data acquisition (SCADA), programmable logic controllers (PLCs), and human machine interface (HMI) endpoints. Using ICS and medical devices as attack vectors to compromise IT systems is an increasingly common tactic among hackers. Therefore, including ICS and medical devices in the overall IT infrastructure and security program is a must for 2017.

How to Solve:

Include industrial control systems, medical equipment with embedded processors, and medical devices as assets within your security perimeter. Integrate these endpoints with your policies and develop specific processes and procedures for managing them within your security program. Make sure that whoever is in charge of keeping your organization secure has deep knowledge and experience in not only ICS, but also ICS cyber security.

Cyber Security Issue #3: Lack of Real-time Risk Management & Continuous Monitoring

Studies are showing that businesses impacted by IT security breaches suffer devaluation, revenue loss, operational disruption and loss of intellectual property or patient data that can lead to business failure and closure within two years after the incident. Putting in place a reliable monitoring and incident response capability as part of your security program is more important than ever.

How to Solve:

Move to a continuous monitoring capability, which may be enabled by a SIEM or serve as a critical component of a Cyber Security Operations Center. Healthcare organizations of all sizes now have cost-effective options for continuous monitoring through their existing IT security operations team or through managed security service providers (MSSPs) offering onsite and offsite solutions.

Red Trident’s Expertise on ICS Cyber Security for Healthcare Organizations

Red Trident provides cyber security solutions for protecting and securing critical infrastructure with a focus on healthcare and other industries with industrial control systems (ICS), including SCADA, PLCs and DCS systems. As a Managed Security Service Provider (MSSP), we offer various tiers of incident management within our Cyber Security Operations Center (CSOC). Powerful security information and event management (SIEM) tools give you centralized security monitoring of your cloud, hybrid and on-premise environments with the latest in security intelligence.

To learn more about our cyber security for healthcare solutions, please reach out to us at 832-493-1153 or email