
Five cybersecurity best practices for healthy healthcare

By Sharon Ombongi | July 29th 2020

In 2019, cyberattacks cost the healthcare industry USD4 billion, making it the worst-ever year for data breaches. If healthcare organizations are to gain ground on modern cyber threats, they must follow certain key security strategies to build much-needed cyber resilience.

Here are five security best practices to keep the industry healthy:

Embrace the zero-trust security model

A recent report shows that in the healthcare sector more breaches are caused by internal than external threats. This can be attributed to human error, lapsed security oversight, or intentional abuse of privileged access to sensitive data and systems.

By implementing a zero-trust approach, healthcare organizations can introduce granular controls on network traffic. This takes away the opportunity for modern attackers and internal rogue users to leverage attacks and gain access to sensitive personal health information (PHI) while remaining under the radar.

Zero Trust is an emergent philosophy for information security; a mentality for how to think about cybersecurity and how to do cybersecurity. It is based upon the principle of “trust nothing, verify everything” and focuses on protecting resources regardless of where they are.

Improve your security posture against Ransomware

Ransomware is a devastating weapon in the hands of cybercriminals targeting healthcare, accounting for over 70 per cent of malware outbreaks in the sector.

Such attacks have brought healthcare operations to a grinding halt, paralyzed connected medical devices and systems, and encrypted healthcare records to render them inaccessible by caregivers.

Alongside a next-gen firewall, one of the most effective methods for protecting against ransomware attacks is to use an endpoint protection solution. Staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices, including regular training for employees, are essential components of every single security setup.

Get around the skills shortage

Lack of personnel with the appropriate cybersecurity knowledge and expertise is one of the major challenges for healthcare service providers. This is especially a headache for those who don’t have a full-time, in-house security expert.

Healthcare organizations that lack cybersecurity resources should invest in Managed Security Service Providers (MSPs) who can take care of their entire cybersecurity and provide comprehensive protection that is managed from one platform.

Cover blind spots in your digital transformation efforts

Transacting information between patients, caregivers, insurance agencies, and other stakeholders should be seamless and secure. Software-defined networking (SD-WAN), with its flexible architecture, has emerged as a new favorite among healthcare organizations to meet these requirements.

It’s crucial to provide reliable and secure access to classified healthcare data at a time when many hospitals are adopting new technologies like network-connected medical devices, telehealth, and medical apps such as picture archiving and communication systems (PACS).

Next Generation firewalls make it possible to achieve SD-WAN connectivity in line with your security and continuity goals.

Promote cyber awareness

Another major concern for healthcare organisations is the lack of cybersecurity education and poor data privacy awareness among employees.

Having the right cybersecurity culture is important to help reduce healthcare’s high susceptibility to a wide range of sophisticated cyberattacks.

Healthcare organizations should consider running regular awareness campaigns to make their employees, partners, and vendors more aware of the latest cybersecurity scams and phishing tactics, and thus be better prepared to take the right action when they encounter malware or phishing activities.

The writer, Sharon Ombongi, is the Country Manager, Kenya, Sophos.
