Erik Giesa

Tuesday, May 22, 2018

If you watch Grey’s Anatomy you might have caught the season finale late last year where a hospital cyberattack infected their IT infrastructure and resulted in cardiac monitors going crazy and medical records being hijacked. The ensuing chaos was certainly enough to rattle the nerves of the medical personnel trying to treat patients and I’m sure it also gave all the IT folks responsible for hospital and healthcare systems pause. Are they prepared to handle hospital cybersecurity threats of this magnitude?

Last year, the WannaCry cyberattack made a lot of people take notice. To this day, the UK’s National Health Service continues to reel from the attack, which recently prompted a horrifying article from The Register. The article’s title, “Imagine You’re Having a CT Scan and Malware Alters the Radiation Levels – It’s Doable,” tells you all you need to know. If this scenario doesn’t send a shudder through your IT department, it certainly should!

Medical equipment and healthcare records are some of the most valuable out there for hackers due to their importance to medical personnel and their cost to replace, making them targets for cyberattacks and ransomware. In a recent post, we shared some of the costs associated with cyberattacks on hospitals:

  • A cyberattack on a hospital costs, on average, $3.5 million
  • 46% of hospitals spend less than $500,000 annually on cybersecurity
  • A data breach can cost $200 per compromised health record
  • An unknowing HIPAA violation can cost up to $1.5 million per year

Like any campus environment, hospitals have many easy entry points for attackers, including biomedical devices, drug dispensers, and third-party concessions like cafes via their point-of-sale systems. With growing network attack surfaces and vulnerable devices, most hospital IT teams face the daunting challenge of segmenting sensitive data while restricting and monitoring access to systems and devices. Ask anyone in IT and they’ll tell you that it’s extremely difficult to achieve sustainable PCI compliance along with HIPAA compliance without straining their already tight budgets and limited time.

There is a way to put this nightmare scenario behind you without breaking the bank! In fact, our healthcare clients have seen a 50 percent lower CapEx and OpEx through network simplification. They can connect and revoke devices 97 percent faster with little or no network changes. In addition, they can reduce their attack surface by over 90 percent through cloaking, micro-segmentation, and encryption. And here’s the kicker… it’s simple!

With our Identity Defined Networking (IDN) solution, IT folks can unify networking and security into a single platform that eliminates network complexity. It’s literally a point-and-click console that makes it effortless to implement hardened network segmentation—down to an individual endpoint. IDN allows you to easily remove sensitive systems and assets from prying eyes through network cloaking, micro-segmentation, machine authentication and authorization, and end-to-end encryption. With our comprehensive, defense-in-depth approach, we not only facilitate industry compliance, but also deliver hardened security, resource resiliency, and network elasticity.

Now you can get back to some of that Grey’s Anatomy without thinking about your worst IT nightmares!

Learn more about how we enable zero trust networking for healthcare systems and vulnerable endpoints