Cyberattacks have increased in volume and sophistication to the point where it is inevitable that a successful attack will be experienced by all healthcare organizations at some point in their lifespan. Healthcare organizations can hope for the best, but it is vital to plan for the worst and take steps to ensure that the damage caused is kept to a minimum. A major focus for security teams, in addition to reducing risks, is improving cyber resilience. Cyber resilience is the ability of an organization to continue to operate in the event of a cyberattack and to recover quickly.
A recent survey by Cisco indicates executives are aware of the importance of cyber resilience, with 96% of respondents saying cyber resilience is a high priority, and deservedly so, since 62% of respondents said their organization had experienced a security breach in the past two years – a combination of data breaches (51.5%), network/system outages (51.1%), ransomware attacks (46.7%), and DDoS attacks (46.4%). These attacks had severe repercussions for the breached entities, causing disruption to IT systems, communications, supply chains, and internal operations, with four out of 10 breached organizations saying they suffered lasting brand damage.
While the main goal in cybersecurity is still to prevent attacks from occurring, it must be assumed that will not always be possible given the rapidly evolving threat landscape. The cyber resilience lifecycle can be split into five elements: identify, protect, detect, respond, recover, and anticipate. It is important for healthcare organizations of all sizes to address these elements to improve their cyber resilience, and CISCO has identified the most important elements for success.
For CISCO’s Security Outcomes Report, Volume 3: Achieving Security Resilience report, a methodology was developed for scoring organizations on cyber resilience that allowed the researchers to identify seven key factors that are critical to success. All seven of these factors were present in the 90th percentile of cyber resilient organizations and were all lacking in the bottom 10th percentile, these were:
- Strong security support from the C-suite
- Excellent security culture
- Internal staffing and resources for incident response
- Mostly on-premises or mostly cloud-based technology infrastructure
- Mature zero trust
- Advanced endpoint detection
- Converging networking and security into a mature, cloud-delivered secure access services edge
Organizations with poor security support from the C-suite scored 39% lower than those with strong C-suite support. Organizations with a strong security culture scored 46% higher than those lacking a security culture, which can be achieved through regular workforce training. There was a 15% increase in resilient outcomes to security incidents when an internal team and resources were available for incident response. Interestingly, there was no difference in resilience scores between organizations with either most of their technology infrastructure on-premises or in the cloud, but those that were transitioning from on-premises to the cloud had scores reduced by between 8.5% and 14%, depending on how difficult their hybrid environments were to manage.
One of the best approaches to take to improve cyber resilience is to adopt zero trust. This approach to security assumes defenses have already been breached and makes it as hard as possible for malicious actors to move laterally within networks. Implementing zero-trust is not a quick process, but its importance in healthcare is well understood. A recent Okta survey indicates 58% of healthcare organizations have started implementing zero-trust initiatives and 96% of all surveyed healthcare respondents said they had either started implementing zero-trust or plan to in the next 12-18 months. Guidance on implementing zero-trust in healthcare was recently published by Health-ISAC.
Cisco reports that organizations with a mature zero-trust model had 30% higher cyber resilience scores on average than those that had none. The most significant boost came not from zero trust, but from advanced endpoint detection and response capabilities, which improved cyber resilience scores by 45%. Converging networking and security into a mature, cloud-delivered secure access services edge increased security resilience scores by 27%.
“The Security Outcomes Reports are a study into what works and what doesn’t in cybersecurity. The ultimate goal is to cut through the noise in the market by identifying practices that lead to more secure outcomes for defenders,” said Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco. “This year we focused on identifying the key factors that elevate the security resilience of a business to among the very best in the industry.”
The post Most Important Factors for Improving Cyber Resilience appeared first on HIPAA Journal.