This is part 3 of 3 in our healthcare trends series (you can read the first two here and here). The series explores the results after we surveyed hundreds of healthcare organizations to learn their biggest security concerns.
If the number of data breaches is any indication, healthcare security and IT teams find themselves increasingly overwhelmed. Based on the magnitude of the breaches and the amount of patient data already exposed, 2019 will likely turn into another record-breaking year.
Our recent survey of IT professionals in the healthcare sector gave us a better understanding of some of the root causes of this rapidly growing trend.
Among the things we discovered is that because they’re stretched too thin, healthcare IT teams don’t have the time or enough staff to perform core cybersecurity tasks like vulnerability assessments and management. This creates a gap in their defenses, and attackers typically use such gaps to exploit weaknesses and gain a foothold into the environment. Ultimately, that gap you can’t see is what may eventually lead to a devastating data breach.
Many healthcare organizations use the NIST Cybersecurity Framework’s standards, guidelines, and best practices to prioritize their risks and improve their infrastructure resilience. In our survey, we found that the identification function of the NIST framework was among the biggest areas of struggle. One of the goals of the identification step is to identify assets as well as their vulnerabilities.
We learned that:
- 42% of healthcare respondents struggled with the identification function.
- More than 40% didn’t know what assets were on their network before performing vulnerability scans, and lacked the time to check for vulnerabilities on a regular schedule.
Why Vulnerability Assessments Are So Important
Hospitals and other healthcare organizations face a myriad of security risks each day. Risk management helps minimize those risks—and ultimately strengthens your overall security posture. But you can’t do it effectively without first understanding your priorities.
You need visibility into all assets that impact risk as a first step toward shrinking your attack surface. Without visibility, you don’t have a complete picture of where your vulnerabilities are, and can’t prioritize remediating your most valuable and most at-risk assets right away.
You may not know about all the devices that connect to your network, but that doesn’t mean attackers won’t find them. Using automated tools, they can scan your environment for misconfigurations, unpatched software, and other weaknesses quickly and at scale.
Because IT teams are so time-constrained, they simply can’t address all the security weaknesses in a timely fashion. That’s why it’s critical to conduct vulnerability assessments and understand which ones create your biggest exposures.
Once you have a complete inventory of your assets, you can rank risks based on clear metrics, prioritize your activities, assess threats continuously, and understand the full story of your cybersecurity posture.
Make Your Data Actionable
To reduce your exposure to internal and external threats, you need to quantify vulnerabilities. You can obtain needed information from your environment by continuously scanning your networks and endpoints for vulnerabilities. Then, you can apply risk-based scores and make your data actionable.
One thing to keep in mind is that this process requires not only the right technology and processes but also analysts who monitor all this data 24×7. You need human expertise to put the data into the right context and help you better manage the risks.
Download our free healthcare trends report for more insights into the complex challenges facing the healthcare industry today (and what you can do to solve them).