Enabling the Latest Advances in Patient Care While Protecting Against Cyberattacks
While digital technology has transformed every industry, the trend is perhaps more visible in the healthcare industry than in many others. Care providers at hospitals move from room to room, accessing myriad electronic devices and records to provide the best care possible. Internet-of-Medical-Things (IoMT) devices prolong life, improve its quality, and make the relationship between the patient and the care team less transactional. In addition, digital technology enables providers in different healthcare organizations to coordinate care more seamlessly.
While providers and innovators in the healthcare sector are dedicated to saving lives and curing disease, their systems are a very attractive target for cyber criminals, and hospital systems and records continue to be breached. Adversaries understand that downtime or other disruptions can threaten human lives. As a result, they aim to cause such disruption in an attempt to sow chaos or extract ransoms from desperate organizations. Personal medical and financial data found on healthcare organizations’ systems is also valuable to hackers.
As healthcare technology becomes more advanced, mergers and acquisitions and increasing partnership between organizations complicate the sprawling infrastructure even more. The result is a ballooning attack surface, increasing numbers of third-party users accessing network resources, and proliferating IoMT devices to address every conceivable medical condition—many of which were not designed with security in mind. At the same time, the healthcare industry is highly regulated, with the Health Insurance Portability and Accountability Act (HIPAA) placing strict guidelines on the sharing of medical information.
Key Healthcare Cybersecurity Challenges
While HIPAA does not require electronic protected health information (ePHI) to be encrypted, healthcare organizations have found that encryption is the only practical way to meet the law’s protection requirements. As a result, a large majority of a healthcare organization’s network traffic is encrypted with secure sockets layer (SSL) or transport layer security (TLS) encryption. Medical organizations need to manage large volumes of encrypted network traffic securely without impacting network performance, with latency impacting everything from staff productivity to patient care. On-demand data availability to support critical clinical services like telemedicine and remote diagnostics will continue to grow, and supporting technologies must be compatible with current releases of 5G cellular data transmission protocols as well as WAN edge optimization.
With increased clinical application integration driven by interoperability and increased market partnerships, the integrity of patient data throughout its life cycle is critical. For example, loss of life is possible when:
- A drug allergy is not clearly indicated on an electronic medical record (EMR) when time matters
- A medical device transmits or receives incorrect information
- The formulary for this year’s flu vaccine is manipulated or compromised
It is also vital to secure research and DevOps environments and segregate them from patient care networks. Organizations must monitor and pass audits to demonstrate their compliance with standards and regulations around data integrity.
As IoMT devices, mobile access to resources, and cloud-based services proliferate in the healthcare industry, organizations tend to fill gaps in an expanding attack surface by purchasing point products or relying on the security tools provided by each public cloud vendor. Since these tools do not integrate with each other, the result is architectural fragmentation. This creates a number of problems around operational efficiency:
- Increased cybersecurity staff time to correlate log reports
- Delayed response to fast-moving incoming threats
- Back-office inefficiency due to a large number of contracts and licenses
- Increased software costs due to duplication of features on more than one product
- The need to maintain expertise with multiple point products on a small cybersecurity staff
Such disaggregation also creates increased “alert noise,” making it virtually impossible for healthcare providers to clearly identify indicators of compromise. Being unaware of threats when they come in can be a life-or-death proposition at a healthcare organization.
Physical Distribution of Sites and Partners
As in most industries, the trend in healthcare is toward consolidation, and mergers and acquisitions are frequent. On top of that, organizations and providers participate in an increasingly complex web of affiliated and unaffiliated clinics, hospitals, research sites, and insurance carriers. All of these entities use and transfer ePHI data owned by the enterprise health system. Owing to their often-disconnected systems, all players in this process struggle with challenges of visibility, data control, access auditing, and compliance reporting. As a result, providing consistent security controls across organizations is a big challenge.
As payments by insurance companies decline and some government reimbursement programs are discontinued, healthcare organizations face extreme cost-cutting measures, particularly for operational expenses. Any dollar added to overhead means that patients’ cost for services increases, and these expenditures will be more apparent to consumers if pending medical services price transparency legislation moves forward in 2020. This means that, if anything, IT and cybersecurity spending will be even more heavily scrutinized in the foreseeable future than it is today.
Jurisdictions around the world continue to enact a patchwork of regulations affecting healthcare, with HIPAA serving as the regulatory centerpiece in the United States. Protection of ePHI is critical for both compliance and patient care reasons. Every provider also has personal financial information from every patient and human resources data from their large pool of current and former employees. Healthcare organizations must be able to achieve and demonstrate compliance with multiple regulations and standards without redeploying critical staff from strategic initiatives to preparing audit reports.
Learn More Fortinet enables organizations to secure lifesaving medical devices to ensure data integrity, timely patient care, and compliance.
Learn More Fortinet enables integration of cybersecurity, physical security, and voice communications for simplified operations, easy reporting, and patient safety.
Learn More Healthcare sees more risk from insider threats than any other industry, and Fortinet provides layers of protection against accidental and deliberate attacks.
Learn More The Fortinet Security Fabric provides a robust, flexible platform that enables full automation of security workflows, from detection to response to remediation.
Learn More As reliance on a hybrid cloud infrastructure increases, Fortinet Adaptive Cloud Security solutions break down silos between clouds and enable consistent policy management.
Fortinet Differentiators for Healthcare Industry Cybersecurity
Fortinet’s integrated platform aggregates the security architecture for healthcare organizations, from the data center to multiple clouds to myriad lifesaving devices. An open application programming interface (API) and Fabric Connectors help them integrate third-party tools for niche coverage and to maximize prior investments.
Fortinet provides the ability to consolidate voice, networking, security, and surveillance functions into a single system with centralized visibility and control. This helps fight against coordinated cyber-physical attacks and helps keep facilities, patients, and IT systems safe.
Fortinet application-specific integrated circuit (ASIC) chip processing efficiencies enable high performance—even with SSL/TLS inspection activated—a big benefit in an industry where almost all data is encrypted. Fortinet security processors can accelerate specific parts of the packet processing and content scanning functions. This technology also offers the ability to run multiple security applications without degradation in performance.
High Performance and Low Latency
FortiGate next-generation firewalls (NGFWs) provide the industry’s best performance during SSL/TLS inspection and experience extremely low latency rates, helping ensure that vital, encrypted medical data is available without delay.
Insider Threat Protection
Fortinet delivers a comprehensive solution to guard against insider threats with robust identity and access management supported by network access control (NAC), intent-based segmentation, deception technology, and user and entity behavior analytics (UEBA).
Robust Threat Intelligence
FortiGuard Labs delivers comprehensive intelligence from a global network of sensors and an artificial intelligence (AI)-powered self-evolving detection system (SEDS) that has been honing its algorithms for nearly eight years. The result is extremely accurate identification of zero-day threats.
Fortinet delivers industry-leading total cost of ownership (TCO) due to high-performance throughput and latency for NGFWs, Secure SD-WAN, and SD-Branch capabilities. This performance is enabled by purpose-built ASIC security processors. TCO capabilities are also driven by the ability to use SSL/TLS encryption inspection without performance impact—unlike many competitive solutions.
Secure Telehealth With Fortinet SD-WAN Better Patient Services Begin with Connected Care Teams Fortinet Secure SD-WAN for Healthcare FortiGate 4200F Delivers a World-class Secure Telehealthcare Experience Security & Networking for Healthcare Emergency Response IDC - Bridging the Divide Between Physical and Digital Security FortiNAC Provides Evolved Network Access Control for Healthcare
3 Trends Plaguing Healthcare Cybersecurity & How to Fight Them Cyber Assessments and Patient Security: Looking Back at Key Themes from HIMSS 2019 Fortinet To Share Expert Healthcare Insights During Sessions at HIMSS19 Healthcare Cyberattack Trends in 2019 Preparing for the Cy-Phy Future Securing the Next Generation of Healthcare: A Preview of HIMSS 2019 Securing the Widening Attack Surface of Healthcare Today
The Distributed Health Enterprise
Market forces and government policies are causing significant consolidation in the healthcare industry. In addition to mergers and acquisitions, many entities form deep partnerships with other organizations. Both trends tend to result in different entities and locations using different technologies. This increases the attack surface and impacts everything from visibility to operational efficiency.
To address this fragmentation, healthcare enterprises need to assimilate new branch locations into an integrated cybersecurity architecture. Connections with these locations must perform with minimal latency, and care should be taken that adversaries cannot penetrate a less secure branch location and then move laterally within the enterprise.
Fortinet technology enables quick integration of newly acquired branch locations by providing integrated networking and security within the branch and with headquarters. Software-defined wide-area network (SD-WAN) technology enables network traffic to move over the public internet—or even over selected public clouds using a virtual WAN (vWAN). At the branch, wireless access points and networking hardware integrate into the larger security architecture.
Fortinet networking and secure branch solutions enable fast-growing healthcare networks to scale their operations securely and with high performance.
Healthcare Cyberattack Trends in 2019 Healthcare Experiences Twice the Number of Cyber Attacks As Other Industries How Can SMB Practices Improve Healthcare Cybersecurity? How the General Data Protection Regulation Will Specifically Affect Healthcare Preparing for the Cy-Phy Future Proactively Addressing New Cyberthreat Trends in Healthcare Securing SD-WAN in Distributed Healthcare Environments
Digital Innovation and loMT Security
Technology is facilitating amazing advances in healthcare, and connected Internet-of-Medical-Things (IoMT) devices are a big part of that transformation. It is critical that the data coming in and out of these devices be accurate and timely. Securing these devices is a critical priority, and the vast number of distinct device types complicates the task. Many of these devices do not have robust, built-in security, and most of them transmit data over public cellular and Wi-Fi networks.
Regardless of the security features found in each individual device, these devices must integrate with an organization’s overall security architecture to prevent intrusions. Similarly, users of these devices must be verified and access restricted to those who need it. This helps ensure data integrity and timely patient care.
The Fortinet Security Fabric enables organizations to evaluate users and devices using intelligent segmentation and several layers of trust verification. Intent-based segmentation functionality in FortiGate NGFWs enables a flexible, intelligent approach to segmenting the network. For devices, network access control keeps track of IoMT devices and their compliance with security policies, while advanced endpoint protection tools protect those devices from attack. For users, identity and access management tools provide layers of authentication. And integrated tools for security orchestration, automation, and response (SOAR) and security analytics tools provide customizable automated reporting.
3 Trends Plaguing Healthcare Cybersecurity & How to Fight Them Healthcare Cyberattack Trends in 2019 Healthcare Experiences Twice the Number of Cyber Attacks As Other Industries Minimizing Cyber Risks as Healthcare Providers Increase Technology Use Preparing for the Cy-Phy Future Security That Restores Patients as Priority Symbiotic Security in Healthcare
Cyber and Physical Security
Places where healthcare is provided must be prepared for the unexpected when it comes to physical security. Patients who are diagnosed with serious illnesses or suffer critical injuries often experience extreme emotional swings while at a facility—as do patients’ friends and family. In addition, criminals enter healthcare facilities to steal controlled substances, cause operational disruptions, and target those who provide controversial types of medical care. In short, physical security is just as critical as cybersecurity in the healthcare industry.
The best way to optimize physical security is to integrate surveillance cameras and recorders with the larger security architecture, enabling cybersecurity protection for these devices. Integrating telephony into the same network provides seamless connections between security personnel, cybersecurity professionals, and law enforcement.
Fortinet provides the opportunity for institutions to integrate cyber and physical security functions—as well as voice communications and PA systems—onto a single console for both visibility and management. This integrated technology enables phone systems, security cameras, facial recognition, weapons detection technologies, and recordings of footage to be a part of the organization’s overall security architecture. This is particularly useful for privacy and security investigations and for keeping all parties informed about incidents in progress.
Insider Threat Protection
Recent research by Verizon identifies the healthcare vertical as having the highest risk from insider threats among all industries. Two factors in this trend: the high value of medical information on the black market and the high turnover in administrative and frontline care positions in the industry. As with other industries, incidents involving insiders can be either accidental or deliberate, and deliberate attacks occur because of a variety of motivations. The stakes are high, as compromised data can result in serious complications or even death, and disclosure of private medical information can incur serious liability on an organization.
Successfully battling insider threats requires a multilayered, coordinated approach at a time when trust is no longer a static thing. The network should be intelligently segmented to restrict access to each piece of information to those who need it. Additionally, every request for network resources should be inspected from the perspective of both the user and the device. Such a zero-trust approach helps detect inappropriate activity by insiders and block it before it causes damage.
The Fortinet Security Fabric provides layers of protection against accidental and deliberate insider attacks. Intent-based segmentation helps keep unauthorized users from accessing specific pools of data. Identity and access management tools verify users, while user and entity behavior analytics (UEBA) watches for anomalous behavior by trusted users. Presence analytics can also help detect unauthorized access to physical locations, and deception technology lures adversaries into identifying themselves. And network access control (NAC) and advanced endpoint security solutions help with device verification.
3 Trends Plaguing Healthcare Cybersecurity & How to Fight Them Considerations for Securing Medical Research in the Cloud Healthcare Cyberattack Trends in 2019 Healthcare Experiences Twice the Number of Cyber Attacks As Other Industries Hospitals Turn to AI to Spot Suspicious Behavior and Uncover Hackers How Automation and AI Improve Healthcare Cybersecurity Preparing for the Cy-Phy Future
Emerging Industry and Regulatory Trends
Change is the name of the game in healthcare privacy and security—both in technology and in regulation. Compliance continues to become increasingly complex, with different jurisdictions passing different requirements and new technology necessitating new regulations and standards. Emerging trends like embedded medical devices will continue this trend of constant change for the foreseeable future.
To keep up, organizations must build robust but resilient security that can absorb new tools and elements into an integrated architecture—without requiring a full rip-and-replace of the underlying system every few years.
The Fortinet Security Fabric provides a robust, flexible operating system that enables seamless integration of a broad portfolio of Fortinet tools, plus third-party tools via Fabric Connectors, an open ecosystem, and robust application programming interface (API) tools. Fortinet’s deep integration of security solutions deployed on-premises and in the cloud unlocks full automation of security workflows, from detection to response to remediation. Additionally, management, analytics, and event management tools help security teams achieve a proactive rather than a reactive stance toward cybersecurity.
3 Trends Plaguing Healthcare Cybersecurity & How to Fight Them Considerations for Securing Medical Research in the Cloud Gartner Peer Insights for Enterprise Firewalls: See What Healthcare Leaders Are Saying About Fortinet Healthcare Cyberattack Trends in 2019 Preparing for the Cy-Phy Future Proactively Addressing New Cyberthreat Trends in Healthcare Recent Healthcare Regulations and Guidelines Providers Should Be Aware Of
Corporate Hybrid Cloud Infrastructure
Healthcare organizations’ corporate infrastructures contain a variety of business-critical data, from financials to private medical information to HR records—as well as critical applications needed for lifesaving care. Most institutions now operate in multiple public and private clouds along with the corporate data center, and this can result in even more silos in the security architecture. Increasingly, organizations struggle with imparting consistent security controls for the multitude of enterprise environments that they are responsible for managing. This makes consistent reporting of an enterprise security posture practically impossible.
Organizations facing a fragmented security architecture across their hybrid cloud environment cannot solve their problem without deliberately moving toward end-to-end integration. While the built-in security tools provided by each public cloud provider are useful for what they are designed to do, institutions need a way to aggregate all these systems with the on-premises infrastructure, enabling a single-pane-of-glass view of the entire infrastructure.
Fortinet Adaptive Cloud Security tools, part of the Fortinet Security Fabric, unify healthcare organizations’ hybrid cloud infrastructure by enabling consistent policy management and centralized visibility of the entire infrastructure. These solutions are designed with native integration with all major public cloud providers, broad protection to cover the entire attack surface, and management and automation functionality that enables a proactive approach to threat detection and response, as well as automated compliance reporting.
IDC - Bridging the Divide Between Physical and Digital Security FortiNAC Provides Evolved Network Access Control for Healthcare FortiNAC Assessment for Healthcare Secure Access for Healthcare Secure Virtualization for Healthcare Securing Smart Campuses: Do You Know the Risks? Transforming Healthcare Security in the Digital Era
3 Trends Plaguing Healthcare Cybersecurity & How to Fight Them A Security Fabric for Digital-Age Healthcare: A Preview of HIMSS 2018 CHIME 17 Event Preview: Understanding Your Patients’ Cybersecurity Concerns Considerations for Securing Medical Research in the Cloud Cyber Assessments and Patient Security: Looking Back at Key Themes from HIMSS 2019 Financial, Healthcare, Government, and Retail IT Professionals Review Fortinet’s Enterprise Firewall Solution Fortinet at HIMSS 2018: Securing Connected Medical Devices