Healthcare IoT Security Operations Maturity

By Tom Finn, Director of Business Development Medigate and CrowdStrike

Crowdstrike and Medigate have announced the publication of a joint piece of research that advocates a more simplified approach to securing the Internet of Health Things (IoHT). The paper is entitled, “Healthcare IoT Security Operations Maturity, A Rationalized Approach to a New Normal.”  It promotes the idea that health systems should focus on improving essential “blocking and tackling” asset management and security skills before contemplating investments in more advanced, layered defense capabilities.

The paper highlights a governing philosophy that says an intimate understanding of connected assets is required before threat processing can be effective. It delivers an advanced definition of “visibility,” how Medigate and CrowdStrike have combined forces to deliver it, and why such new-found visibility must be effectively orchestrated to unify modern detection and threat prevention capabilities.

Given the recent spate of healthcare-related intrusions in the region, this research is very timely. For example, the attack on SingHealth’s specialist outpatient clinics in 2018 resulted in the breach of 1.5 million patient health records, the largest in Singapore’s history. In August 2021, Eye & Retina Surgeons (ERS), a specialist medical clinic in Singapore, was the target of a ransomware attack, affecting the data of over 73,000 patients.

For the first time, the report by Medigate and CrowdStrike presents for educational purposes specific data reflecting how their shared health system clients are managing widespread vulnerabilities, including missed opportunities to remediate many of them. The facts provided identify immediate steps that health systems can take to quickly improve their respective cybersecurity postures.

As background, current cyberthreats to healthcare with an emphasis on the significant increase in ransomware attacks is detailed, as is a position on the “to pay or not to pay” policy debate that is now top of mind with public officials and hospital leadership. Emerging Security Risk Assessment (SRA) perspectives are discussed in this context, including their relationships to the current transformation taking place in healthcare cyber insurance underwriting and credit scoring.

And notably, the paper reveals how no standard exists that hospitals are using to calculate attack restoration costs. In comparison, the average organisational cost of a data breach in ASEAN is US$2.62 million, with 96 percent of Singaporean businesses reported suffering a data breach between September 2018 and September 2019.

Perhaps most importantly, the paper discusses the need for professional convergence as a means for health systems to address long-standing shortages in IT and technology management staffing. It discusses how technology can be used as a lynchpin for upskilling and how properly sequenced investments in automation can deliver solutions that are greater than the sum of their respective roles and parts. The common reference foundation promoted in the paper is argued as essential, not only as a way to harden existing healthcare security infrastructures, but as a means to ensure the performance of future investments in layered defense capabilities.

And finally, because an integrated approach to security and asset management is described as a silo-busting affair that creates operational leverage, this paper ends by explaining how Medigate and Crowdstrike are jointly and separately translating that leverage into business value. Both companies share details explaining how returns on security investments can now be effectively measured.The joint research paper can be accessed here.