News & Events

Healthcare industry challenged by laggard technologies

The pandemic accelerated adoption of technology trends, whether they existed in the past or not. Digital transformation was one such trend that saw a high uptake across industries. The healthcare industry was no exception, and the launch of telehealth is an example.

Kaspersky research shows that 86% of medical organisations have already implemented telehealth capabilities, with 44% starting to use them after the pandemic to eliminate a pain point. We are now witnessing a closer collaboration between healthcare providers and cybersecurity companies to provide digital services that are safe and secure and align with the evolving consumer demands in the new normal.

When it comes to cybersecurity readiness, only 20% of healthcare workers are very confident that their organisation can effectively stop all security attacks or breaches at the perimeter. 40% expressed conviction that their organisation has up to date, adequate hardware and software IT security protection. 30% of UAE respondents agreed that their organisation had already experienced data leaks, DDoS or ransomware attacks.

Cybersecurity is a continuous process. Investing in a cybersecurity solution or services does not mean the task is complete. On the contrary, it is just the beginning. Before an organisation invests in strengthening their cybersecurity structure, it needs to understand, plan and execute important tasks at hand.

For example, understand the business requirements, have clarity on security gaps, find the right cybersecurity partner who can bridge these gaps and help build a holistic security strategy that involves every business function.

Organisations widely use medical equipment with a legacy OS, mainly because of high upgrade costs, compatibility issues, or a lack of internal knowledge on how to upgrade, among other reasons. The usage of outdated equipment may lead to cyber-incidents. When software developers stop supporting a system, they also halt the release of any updates, which among other improvements, often contain security patches for discovered vulnerabilities. If left unpatched, these can become an easy and accessible to penetrate the company’s infrastructure, even for unskilled attackers. Healthcare organisations collect a wealth of sensitive and valuable data, making them one of the most lucrative targets, and unpatched devices can facilitate a successful attack for adversaries.

With the cybercrime realm evolving rapidly, a CISO or IT manager’s role is to guide the organisation to make the right cybersecurity-related decisions. Sometimes avoiding data from being compromised requires something as simple as updating a software or vetting an email.

There is now collaboration between healthcare providers and cybersecurity companies to provide services that are secure and align with consumer demands.