Don’t Just Count Devices – Defend Them with Active Attack Detection
On behalf of the cybersecurity industry, I’d like to apologize: we have failed you.
Cybersecurity investment has never been higher – according to Gartner, it’s projected to reach over $170 billion dollars in 2022, a figure roughly equivalent to the GDP of Hungary, and that number has been increasing more than 10 percent each year. Yet, even with all that security spending, successful cyberattacks are also at all-time highs. Ransomware attacks, which already doubled in volume in 2020 over the previous year, shot up 134 percent in 2021.
If you narrow it down to healthcare, the panorama only gets worse. Healthcare breaches set a new record in 2021, with 45 million patients affected, triple the number from three years ago. Ransomware costs for healthcare providers topped US$20 billion in 2020, the last full year in which data is available, and that was double the previous year. Most damning of all, healthcare has had the highest cost per breach of any industry ($9 million per incident, a 30 percent increase over last year), and has done so for over a decade now.
Why didn’t bigger cybersecurity spends drive better security outcomes?
The Process-Oriented Trap
Cybersecurity is often presented to those whom it would protect as a multi-year journey where the customer starts out exposed and eventually gets to a place where their security posture is optimized for maximum protection. A drawn-out, multi-year roadmap leading to eventual cybersecurity nirvana is a comfortable position for both vendor and customer. For the vendor, it provides multiple chances to upsell other solutions over time. For the customer, it slots nicely into the pre-existing third-party contractor procurement procedures any given organization is accustomed to utilizing for varied business needs. Hospitals in particular are often centralized around process-oriented organizational management meant to complement the way that doctors and nurses approach patient care.
Unfortunately, cyberattackers are not known for their adherence to bureaucracy. Their attack techniques and methods are organized around which targets will get them the most money in exchange for the least work – an organizing principle that speeds up timetables considerably in comparison to the entities they are seeking to attack. While organizations undertake dozens of protracted implementations on their way to security maturity, they are getting successfully attacked in the meantime. To top it all off, usually threats have evolved several times before the promised security maturity arrives, obligating organizations to start their journey again from scratch with newer technologies to fill the gap in a never-ending cycle.
A Paradigm Shift in Healthcare IoT Security
We have seen this process-oriented security approach play out in healthcare IoT security – where inventory is prioritized above identifying and addressing the risks IoMT and IoT devices face. In the early days of healthcare IoT protection, this approach made a bit more sense – hospitals didn’t have visibility into their amount of devices they had, and carrying out an inventory project was a simple way to show security progress in a novel environment hospitals were only beginning to wrap their heads around from a security perspective. This approach also aligned well with vendors who were laser focused on creating technology for finding devices and promising to address security at a nebulous point in the future.
But inventory is only a piece of the healthcare IoT security puzzle, and at this point is straightforward enough that it has become commoditized. Inventory alone will not keep devices secure; if anything, it will just reveal new problems for IT security staff that they are not equipped to solve. It’s not enough to get visibility into devices; hospital security staff need tools to effectively mitigate and remediate the risks and attacks on IoT. These risks are also quantifiable and staggering – Cynerio research has found that over half of IoT devices in a typical hospital have at least one critical risk that would affect patient care, service availability or data security if an attacker managed to exploit it. What’s the point of counting all these risky devices in a lengthy asset management and inventory exercise if you can’t efficiently provide security for them as you do so?
Start Securing Your Healthcare IoT Now at No Cost
Solid cybersecurity is not a years-long procedural journey reminiscent of the waterfall development approach popular in the 1980s – it’s a dynamic set of challenges and solutions that can efficiently be adopted by any healthcare organization. With that in mind, we developed Cynerio Active Attack Detection, a one-week, no-cost evaluation of your healthcare IoT footprint to help keep your hospital secure against the attacks that increasingly target IoT devices.
Active Attack Detection was designed with simplicity in mind. Cynerio will ship you a passive collector, walk you through the installation in under an hour, and begin identifying attacks legacy systems miss in a matter of moments. The results to date have been shocking, with live ransomware and malware attacks found in 80% of deployments and widespread critical risks identified every single time. Stop waiting for extended inventory processes and promises of long term security improvements that are always just out of reach. We can give you visibility into the risks and attacks affecting your healthcare IoT devices NOW, along with recommendations on how to remediate everything we find.
We don’t just count healthcare IoT devices at Cynerio; we defend them. We’d like to show your hospital the unique, patented way that we do so, at no cost and with no further obligations. Get in touch if you’d like to get started, or stop by our booth at VIVE or HIMSS to learn more.