Data security in healthcare presents unique challenges, with sensitive patient information and critical operational systems increasingly targeted by cybercriminals. In this show, Steve Winterfeld, Advisory CISO at Akamai, discusses the value of healthcare data, noting that “healthcare data is extremely valuable… in some cases, it’s more valuable than credit card data.”

Winterfeld delves into the unique challenges of protecting healthcare data, emphasizing the need for visibility, rapid threat mitigation, and robust processes in healthcare organizations. Winterfeld shares his advice on cybersecurity practices and outlines how Akamai’s solutions contribute to enhanced data protection.

Healthcare data as a valuable target for cybercriminals

• Winterfeld explains that healthcare data includes sensitive patient information, insurance details, and private records, making it valuable for cybercriminals who profit through ransom demands or data sales on the black market.
• Winterfeld highlights that healthcare providers, particularly hospitals, are often quick to pay ransoms to prevent any disruption to patient care, which makes them an attractive target for hackers.
• Despite the high stakes, the healthcare sector remains behind other industries, such as finance and commerce, in terms of cybersecurity maturity, leaving it more vulnerable to attacks.

Diverse security needs across healthcare sectors

• Winterfeld describes how different healthcare sectors face unique security priorities, ranging from large hospitals to insurance companies and pharmaceutical firms, each with tailored approaches to protect data.
• Hospitals, for instance, prioritize system safety and uptime, as patient care can be critically impacted by any disruptions to their data access.
• Conversely, insurance companies focus more on fraud detection, while pharmaceutical firms prioritize intellectual property protection, especially during sensitive drug development collaborations.

Impact of recent security breaches in healthcare

• Winterfeld discusses how recent high-profile breaches, particularly ransomware attacks, have impacted critical services, including healthcare and law enforcement agencies.
• Winterfeld notes Akamai’s research into initial access brokers, who act as intermediaries, selling unauthorized system access to ransomware groups, amplifying the risk to healthcare organizations.
• The latest Akamai State of the Internet Report shows a notable increase in API attacks on insurance agencies and DDoS attacks on healthcare providers in Europe, demonstrating a shift in cybercriminal tactics.

Severe impact of breaches on healthcare companies and patients

• Winterfeld elaborates on how ransomware attacks in healthcare lead to significant downtime and disruptions, which can jeopardize patient care and delay critical treatments.
• To counter these risks, Winterfeld emphasizes the need for healthcare organizations to maintain comprehensive visibility across both legacy and modern systems for thorough threat detection.
• Winterfeld advises institutions to conduct regular security drills and process tests to ensure that all emergency mitigation strategies are functional and ready for deployment in an attack.

Handling phone scams and social media threats

• Winterfeld addresses the rise in phone scams targeting individuals, advising people to stay calm, avoid rash decisions, and establish a family emergency password as a precaution.
• Winterfeld explains that these scams are becoming more sophisticated, with hackers also exploiting social media and even traditional mail to impersonate trusted sources or relatives.
• Stressing situational awareness, Winterfeld encourages people to verify information before responding to any unexpected request, especially in emotionally charged scenarios where scammers seek to exploit urgency.

Organizational structures and security practices in healthcare

• Winterfeld describes how healthcare organizations, especially large hospitals, often face challenges in rapidly adapting security practices due to the need to prioritize patient safety.
• Winterfeld explains that medical device manufacturers and hospital systems, though varied, are both increasing security investments in response to the surge in recent cyber threats.
• Balancing security upgrades with limited budgets remains a pressing issue, as many organizations find it difficult to allocate sufficient funds to adequately secure their infrastructures.

Advice for different healthcare organizations on cybersecurity

• Winterfeld advises isolating critical systems, such as medical devices, and segmenting network access to minimize exposure to external threats, especially for high-risk areas within healthcare facilities.
• For pharmaceuticals and other federated networks, Winterfeld highlights the importance of tracking and understanding data flows between connected systems to monitor for unauthorized access.
• To stay prepared for potential attacks, Winterfeld stresses the need for rapid response capabilities and strong visibility across systems, enabling healthcare providers to respond quickly to emerging risks.

Akamai’s solutions to enhance healthcare cybersecurity

• Winterfeld outlines Akamai’s multifaceted approach to healthcare cybersecurity, focusing on lifecycle data protection, ransomware defense, and network segmentation to minimize attack surfaces.
• Winterfeld emphasizes the importance of access control measures, particularly zero trust network access, to restrict unauthorized entry, which is essential in safeguarding sensitive patient data.
• Akamai’s strengths in DDoS protection and infrastructure security provide healthcare organizations with robust defenses against large-scale attacks, ensuring their systems remain operational and resilient under threat.

Guest: Steve Winterfeld (LinkedIn)
Company: Akamai
Show: CISO Insights

This summary was written by Emily Nicholls.