We've discussed the importance of strong security in healthcare in recent times and continue to given the rising threats in the sector. Ransomware attacks are dominating healthcare providers and over 30 countries show rising threat according to a study at the CyberPeace Institute.
An attack on healthcare is an attack on vulnerable people, not just a system.
Patients with high dependence on technology such as pacemakers, monitors, and more have a direct impact from a ransomware attack. Situations where this has happened, 15% of ransomware attacks led to patients being redirected to other facilities and 20% caused appointment cancellations.
Healthcare cybersecurity lacks training and deployment. Doctors, nurses, or other health practitioner can't manage cybersecurity alone and rarely have time for further training given their tight schedules.
The software and security tools used need to have security at the center of the design—from the beginning development to the final step of people using it.
One area where governments should step in is with creating laws to protect the healthcare sector since organizations aren't able to solve the security issues alone. Countries should also collaborate and share information cross-border to strengthen these law and ensure citizen protection. Having secure and reliable access to healthcare is a right. People shouldn't have to worry about threat actors stealing their information and leaking it.
With the rise in cyber attacks, there are threats all around us. Personal threats to work threats, the risk has increased more than ever before. Businesses today are focused on protecting confidentiality and data—which is still important—but, these defences aren't as strong anymore given how complicated attacks have become.
Cyber resilience is needed.
Patch vulnerabilities, detect and mitigate threats, and of course educate employees on an ongoing basis. Cyber resilience aims to ensure operational and business continuity with minimal impact.
A one-size-fits-all approach is not the answer when it comes to cybersecurity and cyber resilience since every organization has its own needs. Businesses shouldn't compare their plan with others, and there's no final answer—it's an going learning process.
After Facebook had its longest global outage back in October, not only it did face financial loss but people who use the platform globally mentioned distress after losing contact with their loved ones. Facebook said no malicious activity was involved, rather it was due to an internal DNS outage.
Facebook's outage was unique because the billions of users that use the platform and associated ones such as WhatsApp were aware of it in the media and knew it has impacted them—from teenagers to seniors. Usually when there is a breach, people can a letter or notification that their information has been compromised or there is an outage.
This outage may have increased awareness on cyber threats and data privacy.
Lauren Sukin conducted a study on public attitudes about cybersecurity with 2797 Americans from Dec. 11, 2020, through Jan. 12, 2021.
Overall the results indicate that the public is concerned, but not especially knowledgeable, about cybersecurity issues.
After the Facebook attack, cybersecurity issues were in the public eye. Their research suggests that those exposed to the outage could become more worried about cybersecurity.