Healthcare has once again stood ahead in cyber breaches during 2018, claiming 25% of all incidents reported, according to BakerHostetler’s report.  The report also indicated that health information was the second most insecure data which is prone to cyber attacks. After insider threat and social security numbers, which stood at 55% and 37% of all incidents, healthcare stands the third potential industry to experience compromised records.
Healthcare – A Preferred Target by Cyber Criminals
The healthcare sector is a preferred target among cybercriminals as they are loaded with heaps of personal information, topped with heaps of human error in the organization. According to research submitted by JAMA Internal Medicine, which analyzed 1,138 breach cases during 2009 and 2017, 53% of these breaches originated within the organization.  In June 2019, six healthcare providers were hit by devastating ransomware in separate incidents, and nearly 50% of CISO’s in this industry experienced cyber attacks for data destruction. 
An incident in this industry, on an average, is detected in 36 days and takes an additional ten days to be contained. 
It’s Time to Plan for the Inevitable
Healthcare organizations must start assessing expected attacks on their networks. While data theft is quite common in healthcare, ransomware is creating a profound effect on healthcare businesses. Considering the most recent ransomware attacks in the health sector, where two organizations, Ohio’s NEO Urology and Estes Park Health, paid ransom to the attackers to restore and maintain patient care.  Ohio NEO Urology incurred $30,000 to $50,000 revenue loss per day and paid $75,000 to the hackers to get their systems unlocked.
It is high time that the healthcare organizations stand for themselves and raise awareness on preparing to face these attacks to retain their patients’ trust in them.
Sean Curran, Senior Director of West Monroe Partners’, commented that “All recovery needs to be focused on how they get treatment going effectively. They’re going to have patients coming in on Monday morning expecting treatment,” he added. “So what are you going to do to recover, and what’s most important needs to be the priority.”  Curran explained that organizations should plan for business continuity and incidence response by creating a team of cybersecurity where each member will play an assigned role in case of the event. Cyber insurance shall also be a priority in healthcare, he added.
Healthcare Post Attack Serving Contiguously
One of the biggest challenges in healthcare is that the industry leaders are more concerned about compliance than ensuring the measures that enable business stability even during the cyber attack. Health firms lose nearly 7% of their customers after a data breach, which is the highest when compared to other industries.  The latest attack on New York-based Olean Medical Group and Seneca Nation Health System reported that the access to their systems was pulled down, and the latter’s website was also affected. 
Estes Park Health is another healthcare that suffered a ransomware attack in June 2019. Thanks to its incident response plan that enabled the provider to continue serving patients, even though, the management was forced to pay the ransom to restore the data. 
Most people don’t stop eating bacon after their first cardio-attack. Similarly, healthcare should be prepared to continue its services when it experiences an incident.
Healthcare Protecting Against Breaches
BakerHostetler report recommends healthcare to use “compromise threat intelligence” to identify expected threats and address them before they realize.  It can be done using security risk assessments, prioritizing a security plan, and emphasizing employee awareness training on unexpected risks. Those entities involved in mergers should perform due diligence in security posture and potential vulnerabilities. BakerHostetler also suggested precautions that healthcare should take before moving data to the cloud, such as defining access points or implementing multiple authentications on the data.
Backups and Incident Response – Another Proactive Measure for Healthcare
Sometimes healthcare providers rely on backup data so much that they realize after the breach that the format of the backup is not accessible. Like ResiDex,  which used its backup data at the time of ransomware attack, other healthcare providers can also follow their footsteps.
Besides backup, organizations may take time to recover data and re-establishing the entire system. Olean Medical Group did not pay a ransom amount but worked to regain the files that were encrypted to populate the new system.
Sean Curran quoted, “Everything you think of as recovery methods are what the hackers are thinking about too. You need to make sure you can restore or rebuild the system, and ask what will be required to do that?” He explained that everything in the backup might not be required immediately but considering a backup plan is imperative. Leaders like Curran have been positively encouraging healthcare providers by suggesting methodologies that are easy to implement and economical to their budget.
A Bigger Picture of U.S. Healthcare Breaches in 2019
According to Business Insider Intelligence Digital Health Briefing , cybersecurity is no longer U.S. health firms’ priority. From first position, the privacy and security policies in the health firms have fallen to third place in 2018. Health firms are reluctant to make security investment a priority. The U.S. based healthcare sector believe that security in healthcare is underfunded.
As a cyber enthusiast, if you want to be a pro in cybersecurity, it is time for you to become a Certified Ethical Hacker (C|EH). C|EH is a flagship program from EC-Council that is the most desired certification in cybersecurity that any security professional will ever want. Certified Ethical Hacker is a portfolio that makes you a skilled hacker who uses the same knowledge and tools as a malicious hacker but in a lawful and legitimate manner. The program is vendor-neutral and covers all the five phases of ethical hacking – reconnaissance, access gaining, enumeration, maintaining access and covering your tracks.