Providers must rethink defensive cybersecurity strategies

Healthcare providers must strengthen their defensive strategies to best fight off the cyberattacks constantly hitting the industry.

Cybersecurity defense, according to John Nye of health IT consulting firm CynergisTek, must be proactive, he writes at HealthITSecurity.com. Strategies that rely on automated tools and occasionally traffic monitoring will not be effective in stopping hackers, he says.

It’s especially important, Nye adds, to beef up defensive security because of the ways technology use has changed, including bring-your-own-device trends and the ability to work remotely.

In fact, hospitals increasingly are questioning their ability to keep mobile devices secure, with 82 percent of respondents to a recent Spyglass Consulting Group survey saying it’s a “grave concern” for them.

The best way to find out if attacks are occurring is through a security event and incident management (SEIM) system that is monitored carefully, according to Nye. Previously, perimeter defensive models were the top choice, but those are no longer enough, he says. A SEIM system can examine logs from all networks systems.

“A defensive strategy and security tools are only effective if they are applied to all systems equally,” Nye says. “So ... it is critically important in the defense against today’s advanced threats that your organization have some idea what is on its network.”