Healthcare Radius – December 2018

+($/7+&$5(5$',86_'(&(0%(5 39

IT

4. There is loss of
   visibility of access
   and potential
   diluting of security
   of patient data
   shared with third
   parties as part of a
   SaaS or outsourced
   platform.

4

remediation and incident response plan-
ning process to account for how many data
points you will need to readily understand
the damage, if those are coming from a
broad number of tools, and you are reliant
on various system engineers and analysts
that only know that specific system, you are
leaving yourself vulnerable to latency in
remediation, and potentially a larger data
breach.

Measuring and prioritising defenses
To effectively secure themselves from
evolving cyber threats as well as mitigate
the impact of successful attacks, it’s impor-
tant to practice effective cyber situational
awareness. For an effective cyber situation-
al awareness, it’s important to consider the
following organisational pillars:
Business mission goals: Identifying your
critical business processes helps you under-
stand what is important to the daily func-
tioning of the business. From there, you can
prioritise your security efforts to effectively
mitigate the chance that a cyberattack can
impact them.
Cyber assets: Given the scope of net-
works within a healthcare organisation, and
the sheer amount of assets within the net-
work, it’s important to have the capability
to effectively understand what assets are
within your network at any given time. By
leveraging inventory controls and artificial
intelligence, IT professionals can identify all
assets—and any related vulnerabilities—es-
pecially those assets critical to facilitating
business goals.
Network infrastructure: After all key
cyber assets needed to facilitate and drive
business goals are identified, it’s critical that
IT professionals identify how those assets
are connected within and across the distrib-
uted network infrastructure. This provides
critical insights into the avenues of attack
that cybercriminals may use to traverse and
exploit the vulnerabilities that may exist
within the network.
Cyber threats: Lastly, it’s important to

understand the cyber threats the network

environment is most vulnerable to. IT per-

sonnel should also be focused on under-

standing the threat actors that would be

motivated to steal data within the network,

and the sorts of methods and tools they

generally use to accomplish their goals.

This gives critical insight into not only the

network areas and entryways that are most

enticing to cybercriminals, but also pro-

vides a high-level overview of the scope of

an organisation’s security posture against

these specific threats.

Today’s cyber threats are growing faster

than ever, while becoming increasingly

stealthy and resilient. Given the variety of

cyber threats facing the healthcare sector

today, it’s critical that IT professionals un-

derstand the current threat landscape and

cyber security ecosystem in order to pri-

oritise security procedures, vulnerabilities,

and network areas for optimised security

posture.

Rajesh Maurya

is Regional Vice

President, India &

SAARC, Fortinet.