If you were to guess the industry most targeted by cyber-attackers, you might guess financial services. But in 2015, the health care industry overtook financial services to become the biggest target for cyber-criminals. The shift was driven by the rise of internet-connected devices in hospitals and the digitization of patient records. Despite these technological innovations, and in many ways because of them, health care IT is roughly five years behind IT departments in other industries. Health care organizations are now playing catch-up with a threat landscape that is becoming exponentially more complex and sophisticated.
Canadian cyber security incidents are occurring at an alarming rate, and health care IT decision-makers need to pay attention. After all, health care organizations face an average cost of $355 USD per breach -- the highest of any industry. In addition to monetary concerns, institutions also suffer major reputational damage following a security incident. For an industry that deals with sensitive personal data, the reputational damage is often worse than the operational disruption.
Connected devices are one of the key reasons that the health care industry faces such serious cyber security issues. Nearly 70 percent of clinicians use mobile devices to view patient information, and over 41.8 per cent use them to get clinical data.
Moreover, internet-connected medical devices tend to have major vulnerabilities and are highly susceptible to security threats. This is due to a combination of long product lifespans, regulatory oversight, and niche usage. IT decision-makers in health care providers need to consider next-generation cyber security methods to catch breaches and device vulnerabilities before it's too late.
When breaches do occur, they usually fall into one of two categories: insider threats or ransomware attacks. A 2016 report found that 60 percent of all attacks come from the inside, making it critical for the Canadian health care sector to be vigilant. One of the key challenges posed by insider threats is that they come down to human behavior - be it intentionally malicious or entirely accidental.
A 2015 case in the Rouge Valley Health System saw two clerks accessing inappropriate patient records. However, due to the way the network was configured, it was impossible to determine how many patient records were compromised. This forced them to notify 14,000 people that their records may have been compromised.
And this past November, the Winnipeg Regional Health authority saw its largest ever patient privacy breach when a file with over 1,000 patients' personal information went missing - all due to an insider breach. With systems in place to better monitor and ensure normal business functions, both of these breaches could have been stopped before there was ever an issue.
In addition to insider threats, hospitals are also prime targets for ransomware. Due to the urgency involved in losing access to sensitive patient information, hospitals are particularly vulnerable to these attacks. Ransomware is a form of malicious software that blocks access to a network and the files on it until a ransom is paid for the decryption key.
Access to patient records is critical, and a medical emergency can persuade hospitals to quickly pay up rather than risk patient health while waiting for a resolution. This problem is magnified by hospitals' tendency to prioritize spending on expensive medical equipment over cyber security measures.
The best way to mitigate the risks posed by ransomware attacks and insider threats is to continually monitor the network for abnormal behavior. Unsupervised machine learning is an emerging technique that allows organizations to automatically detect the typical 'pattern of life' for a network. By comparing network traffic to that 'pattern of life', organizations can quickly flag anomalies and unusual network activity. This method draws inspiration from the health care industry itself - the technique act as an 'immune system' for the network.
The health care industry is unique. Highly regulated, highly specialized, and in possession of highly confidential information, it's a natural target for cyber-attacks. With the rise of internet-connected devices and the industry lagging behind modern cyber security, now more than ever IT decision-makers in health care need to think about how to best protect patient information in the modern threat landscape.
Follow HuffPost Canada Blogs on Facebook