- September 3, 2020
- Posted by: Pat Riot
- Categories: CyberSecurity, Healthcare, Managed Detection and Response
A hospital has one of the most diverse workforces and clients/patients out of any industry. Just think about what you see when you walk into a hospital. From the security guards at the front door, the attendants at the front desk, the nurses in triage, to the clinicians themselves. Every walk of life exists in a hospital. All ages, all ethnicities, all genders, every socio-economic class, they all reside within the walls of a hospital system. For that reason, a hospital is a beautiful sight to behold. It could arguably be the one area that is universally accepted by the masses as a safe space, one you can trust to take care of you and your loved ones. At the same time, the proliferation of connected devices continues to climb. The ugly truth is that this makes hospitals more vulnerable than ever, unless they take the necessary steps to protect themselves and their patients. If hospitals want to continue their role as a “safe space,” their support for cybersecurity is imperative.
Unfortunately, however, that is not the trend. In fact, close to 9 in 10 healthcare organizations do not inherently build security into their technology driven processes.1 Why is that? That, my friends, is the million-dollar question. In a study done by Accenture, they found that only 18% of respondents plan to invest in artificial intelligence for their security strategy, versus 26% overall. This is a very concerning trend. In any study, healthcare will be the top one or two industries regarding the vulnerability and number of cyberattacks. Yet, only 9% of healthcare organizations fully involve their security organizations in decisions across their tech stack from the start, compared with 25% of industries overall.2
Richard Temple, Vice President and Chief Information Security Officer of the Deborah Heart and Lung Center stated that “what’s needed are investments in monitoring systems that, through artificial intelligence, can understand behavior of particular devices and flag and alert someone if it observes behavior that significantly deviates from the norm…for example, if the system were to see an X-ray machine sending files to an overseas country when it has never sent a file outside the country before, that would constitute a major red flag, and an urgent alert would be sent to someone so it can be looked at as soon as possible.”3
The previous example is precisely 1/3 of the solution that Steel Patriot Partners proudly provides. Our Managed Detection & Response (MDR) software is an artificially intelligent solution that is backed by machine learning. SOC analysts pilot the software in order to stay ahead of cybercriminals and the ever-evolving complexities of their attacks. Being proactive is only part of the solution. In order to provide holistic coverage to a healthcare network, we cover all aspects of an organization: procedural, technical, and physical. Our state-of-the-art endpoint protection provides organizations with next-gen firewalls coupled with industry leading antiviral software. The last piece of the puzzle revolves around the end-user themselves. In a security sense, that means the end-users actions were either unintentional or they simply didn’t act in a timely manner. That could mean an employee didn’t update the system to the latest version, they were subject to a social engineering attack, or they got complacent and didn’t think an attack would happen.
In a study done by Kapersky Lab, they found that 90% of cloud breaches happened because of employees, not providers.4 That’s why we also supplement an educational piece into our services and solutions. If a healthcare organization’s network is being monitored around the clock year after year, their systems are consistently updated, employees are up to date on the latest trends regarding cyber-attacks, and everyone in the organization is on the same page; the probability of an attack decreases exponentially. The cybersecurity market is convoluted with multiple services and solutions being offered that, on the surface, appear to be the same. Yet, upon digging into the minute differences, you begin to uncover the discrepancies.
Having 25+ years of experience in the cyber industry, we have also felt the anxiety of outsourcing, partnering, or building an inhouse cybersecurity solution. This is the exact reason Steel Patriot Partners created a straightforward, intuitive and user-friendly solution that couples state of the art technology with real people who are experts in their field. The main differentiation between us and our competitors – other than our solution itself – is the empathy that we bring to the conversation. Having been in your shoes, we are able to explain, teach, and secure your network in a way that empowers you and your team to fully take control of your network. While simultaneously knowing that you are backed by a team of cybersecurity experts.
As the healthcare industry continues to become more and more digitally connected, the importance of security needs to go hand in hand. This further reinforces the importance we place on partnerships. We are not just a vendor that secures networks. We are a team that works with you and your organization. If cybersecurity is a priority to your organization but you don’t know where to look, simply reach out to us by whatever method you are most comfortable with. A 15-minute conversation is all we need to begin the process of taking your organization from being a potential target to you being fully empowered to handle any degree of cyberattack. We are real people, bringing real solutions, to solve real problems. You can reach us anywhere, at any time! Just give us a follow on social media (Facebook, Twitter, LinkedIn), send us an email, give us a call at 703-297-4405 or contact us directly! Regardless of the method you choose, we look forward to hearing from you and – as always, we appreciate your time for reading this content! Stay blessed and stay secure!