In the second part of a recent two-part webinar series on cybersecurity, a panel of experts discussed the impact of cyberattacks on healthcare entities and the benefits of cloud computing at a time of heightened cybersecurity incidents. The panel included Paul Alcock, SIS Director of Information Security, Anthony Catalano, National Director of Security Transformation Services for RSM, and me, SIS Senior Vice President of Development. Here are the highlights of our discussion.
Emerging cyber threats:
Ransomware attacks specifically aimed at healthcare are increasing. In Q4 of 2019, ransomware attacks in healthcare were up 350% compared to the previous year – and that was before more and more people began working remotely due to COVID-19. In March 2020, we saw a 150% increase in cyberattacks month over month.
The threat actors are using social engineering tactics such as phishing to gain network access to healthcare organizations. They primarily have three objectives for security incidents: to look for network credentials, to break into environments that they can put on the dark web, or to find access to healthcare networks to extract data from a certain time period.
In addition to the growing number of security incidents in healthcare, ransom amounts are also skyrocketing. In the past, a typical ransom for a cyberattack would be around $7,000 to $10,000. Ransoms today are in the hundreds of thousands to millions of dollars. Garmin recently experienced a ransom demand of $10 million.
Data security considerations for the three most common architecture configurations:
There are essentially three different architectures of healthcare software – really any software: on premise; client/server hosted; and true cloud Software as a Service (SaaS).
Traditional client/server software is deployed on-site, or on premise, on a customer’s own network. The customer is responsible for their hardware, network, backups, setting and monitoring permissions for people who access the software, etc. The customer bears a lot of responsibility when it comes to security and often does not have the people or monetary resources to adequately keep ahead of emerging cyber threats.
As technology evolved, vendors began hosting client/server applications on behalf of their customers. Hosting gets customers out of the hardware business (i.e., they don’t have to purchase servers to house their software), but they still bear responsibility for on-site security and backups, and the software is typically built on older technology that is more susceptible to viruses.
With a true SaaS-based solution, the software is built specifically for cloud environments with an advanced security stack, processes, and technologies to monitor and respond to cyber risks. In addition, the vendor takes over the majority of security responsibility including penetration testing, vulnerability scanning, and all testing to ensure the highest level of safeguards are in place. The SaaS vendor also handles all software updates, backups, and failovers for high availability, business continuity, and disaster recovery. With a SaaS solution, the customer is responsible for training employees on the importance of security and remaining vigilant to potential threats, but the SaaS vendor does the heavy lifting from a financial and resource perspective to protect the client’s data.
What to look for in a SaaS vendor when it comes to security:
A vendor that offers true SaaS technology should be able to demonstrate the following key attributes in their information security program:
Other benefits of cloud software beyond security:
There are several other reasons to consider SaaS solutions beyond the improved approach to security.
To wrap up, there are many advantages to SaaS solutions over traditional client/server on premise applications and even hosted options. When a vendor puts in the work upfront to properly configure the application and create the environment in a secure manner, it reduces your overhead costs moving forward and enables you to maintain a higher level of security throughout the lifecycle of the business process.