Over the past year, two things have become increasingly clear. One is that cybercriminals are increasingly targeting the healthcare sector. The other is that lapses in healthcare cybersecurity invite further attacks, and require immediate attention before the problem gets worse.
We’ve mentioned the attacks on healthcare-related entities before, but this is just the tip of a much larger iceberg. The healthcare industry as a whole has a number of issues that make it uniquely vulnerable:
- They require a great deal of personal information stored
- The industry as a whole sees information sharing and interconnectedness
- There is a mix of legacy systems and not well protected infrastructure in use
As a consequence of these, it is becoming increasingly desirable as a target for ransomware and other cybercrime; the vast quantities of personal information any company in the industry stores makes them a potentially lucrative mark.
“Those are people’s lives, their personal information. That is not something that should just be a tech issue that we’re solving for.”
What’s the solution?
There is unfortunately no simple answer. While any general advice regarding cybersecurity improvements – keeping a recovery plan in place, planning for disaster mitigation, keeping a modern archive and backup in place – all apply, the interconnectedness of the sector means that threats can come not through your systems but also through a less-prepared compromised partner.
Compared to other industries, this makes keeping a recovery plan even more valuable than otherwise; with preventative measures having gaps due to industry-wide lapses in healthcare as a whole, companies have to operate under the assumption that sooner or later, they will be hit. While parts of the industry are sounding the alarm and seeking solutions, for now the message is still clear: make sure your archive and backup works, and settle in for the long haul.
Archive Smarter with TECH-ARROW