A Clean Bill of Health
How the healthcare industry benefits from improved visibility and security.
According to U.S. government data, cyber breaches in the healthcare industry reached unprecedented levels in 2021. Almost 700 breaches that affected more than 500 individuals occurred in 2021, and the rate of attacks has continued to increase during the first half of 2022.
Indeed, the first six months of 2022 alone has found attackers successfully breaching hospitals, research facilities, software and billing companies, medical device and technology providers, insurance providers and more. The unfortunate success of such attacks has driven up the average cost of healthcare data breaches, according to IBM’s Cost of a Data Breach report, to more than $10 million—whereas the average cost of a data breach across all industries stands at $4.2 million.
Indeed, based on the IBM report, the healthcare vertical has had the highest cost per breach for 12 years running, as attacks often expose a veritable treasure trove of private patient data—names, physical and email addresses, birthdays, passwords, payment info, Social Security and insurance information, and more. Moreover, attackers are well aware healthcare organizations are under increasing pressure to protect that data, giving them more than ample reason to launch ransomware attacks with the expectation the ransom will be paid.
Meanwhile, healthcare organizations continue on the path of digital transformation as they look to boost patient and medical staff satisfaction and engagement, improve the quality of care, lower costs and expand services beyond traditional boundaries. Despite those benefits, however, digital transformation in the healthcare vertical is not happening as quickly as needed, impeded by a shortage of skilled IT and security personnel who are forced to work in cloud and on-premise systems that run multiple different applications with varying needs for each.
For healthcare organizations to overcome the myriad challenges they face as a result of cyberattacks and digital transformation, a renewed focus is needed on network visibility and security.
Importance of Visibility and Security
Imagine a hospital having to temporarily halt patient surgeries due to an inability to pull up patient images in operating rooms. Or having to divert ambulances and emergency room patients to other hospitals due to a security issue.
Such is the importance of visibility into the networks and systems that make up any healthcare organization. Visibility is necessary for IT and security teams to understand the technologies in use throughout an organization, vulnerabilities that exist, how serious those vulnerabilities are and how to best mitigate vulnerabilities when they are identified.
Visibility also is a key factor to limiting downtime in healthcare organizations. One recent survey of hospital executives by Becker’s Healthcare revealed that almost half had to shut down networks this year as a result of cyberattacks. For large hospitals, such downtime averaged just over six hours at an average cost of $21,500 per hour—or about $130,000 per incident. Midsize hospitals, meanwhile, were shut down for an average of 10 hours at an average cost of $45,700 per hour—or $457,000 per incident.
And while those eye-popping figures are certainly attention grabbing, they don’t accurately reflect the full impact that downtime has in the healthcare vertical. Such disruptions prohibit access to and sharing of electronic patient records; impede the accurate transmission of X-rays, MRIs, ultrasounds and other tests; affect the ability of remote specialists to interact with and provide life-impacting services for patients; and cause disruption in service for medical devices like insulin pumps and defibrillators. Such incidents not only prohibit doctors and nurses from doing their jobs, but also negatively impact patient safety, customer service, organizational reputation and overall trust on the part of patients, families and communities.
To ensure proper visibility and security, healthcare organizations need solutions that account for a number of factors, including:
- Visibility must extend across all applications, technology and networks. Such visibility guarantees the seamless operation of all points in the network, and it ensures all systems operate correctly at any time, from anywhere and across any device.
- Visibility and security also have to be assured across private, public and multicloud environments. As healthcare organizations have increasingly embraced digital transformation and expanded services beyond traditional brick-and-mortar locations, one unintended consequence has been the creation of gaps in visibility that lead to security issues. Likewise, the healthcare ecosystem expands exponentially on an almost daily basis, driven by technologies like the Internet of Things (IoT), artificial intelligence (AI) and big data. This massively expanding footprint demands visibility and security for every access point.
- For truly comprehensive visibility and security, healthcare organizations should utilize packet-level monitoring and analysis solutions. Such solutions enable IT and security teams to quickly evaluate service degradations, limit mean time to resolution (MTTR), reduce operational costs and complexity, and perform in-depth analysis of service-performance issues.
- Visibility and security are only a success if they improve the end-user experience, regardless of whether the end user is a doctor, clinician, patient, insurance provider or another stakeholder in an organization’s ecosystem. As such, solutions that impact visibility and security must constantly account for end-user feedback and experience.
As healthcare organizations fall under increased scrutiny from governmental and standards bodies concerning how they handle cyberattacks and other network performance-impacting issues, it’s vital to understand and embrace the benefits network visibility and security provide. Doing so not only ensures the protection of valuable data, but also enables organizations to provide the best services and experience to all members of their ecosystem.
Learn more about NETSCOUT’s Visibility Without Borders.