Healthcare now has the unfortunate distinction of being the number one most targeted sector for cyberattacks. The latest Verizon data breach study found that healthcare organizations surpassed retailers in the number of incidents last year (458 to 326) and there were more breaches (296 to 293) in healthcare than retail. And the stakes are high: a single ransomware attack can severely impact patient care, and it can even halt operations. According to a U.S. interagency task force, more than 4,000 ransomware attacks have occurred daily since Jan. 1, 2016. In its Worldwide Health Industry 2018 Predictions report, consulting firm IDC Health Insights says that by 2021 the world will have seen its first $100 million class-action lawsuit against a medical device manufacturer for negligence due to a cyberattack causing the death of more than 25 people connected to networked medical devices while hospitalized.
How can Cisco partners protect their healthcare customers?
One of the main contributors to healthcare organizations’ security challenges is that many of them are struggling with an explosion in devices. Network-capable medical devices are critical for patient care, but many lack essential security functionality. 63% of organizations operate these medical devices on their main hospital network, and many have no way of determining which devices are connected to their network and whether the devices may be compromised. Threat actors frequently compromise medical devices and use them to move laterally throughout the network.
To protect sensitive data and other critical resources, healthcare organizations need network visibility and control. Cisco Medical Network Access Control (NAC) was created to help partners provide both. Medical NAC helps secure organizations with large numbers of specialized medical devices from threats such as ransomware. It's also part of Cisco IoT Threat Defense, which aims to enable the Internet of Things by securing these emerging network-capable devices.
Medical NAC features comprehensive visibility to help:
- Identify medical devices. Keeping track of network-capable devices is a challenge for many organizations, especially in healthcare. On top of the security risks new devices can pose, they may be connected to the network by medical staff or vendors without notifying IT or following the appropriate onboarding procedures.
Medical NAC instantly identifies more than 250 leading medical devices and thousands of nonclinical devices as soon as they connect to the network, which gives network and security teams the proper visibility, ensuring full compliance with the organization’s policies.
- Mitigate stealthy attacks. Healthcare organizations face a wide range of attacks, including insider threats, advanced malware and more. To adequately protect their data and resources, organizations need pervasive network visibility to detect suspicious behaviors and threats.
Medical NAC provides visibility across the network, data center, branch offices and cloud using a variety of network traffic metadata, device details, user information and other data sources. Using this data, any activity that’s suspicious, malicious or significantly abnormal is identified, enabling security operators to thwart even the stealthiest threats quickly enough to respond before valuable data is lost.
- Limit the lateral spread of malware. Visibility is crucial, but it isn’t enough on its own to protect your healthcare network. Medical NAC can provide the control needed to harden networks and respond to threats. Capabilities, such as software-defined network segmentation, allow organizations to define access policies from a centralized location and enforce it seamlessly across the entire network, without the burden of maintaining numerous access control lists. This feature also limits the lateral spread of ransomware and other forms of malware.
To learn more about additional Cisco security resources for your healthcare customers, check out the following informative PDF: “5 signs your healthcare network is due for an upgrade,” and be sure to attend our one-hour webinar on Feb. 15 at 1 p.m. ET, “Cisco Security: Stop, Block and Patrol.” The webinar is designed to equip Ingram Micro Cisco partners with an approach that detects and remediates threats faster by implementing cross-architecture initiatives around Umbrella, NGFW (next-generation firewall) and AMP (Advanced Malware Protection) for endpoints.