On June 16, 2022, The Health Sector Cybersecurity Coordination Sector (HC3) of Healthcare Systems Security (HSS) released a set of guidelines that outline how health entities can increase their cybersecurity levels. HHS use the term cyberposture to refer to the level of cybersecurity a healthcare entity has. If an entity is seen to have an impressive cyberposture, they display the ability to anticipate cyberthreats and subsequently deal with them. Additionally, the healthcare entity should have the ability to carry out their usual proceedings while under the threat of a cyber-attack.
There are two main ways to ensure a healthcare entity can continue to operate in a time of cyber threat:
- The entity should assess their backup strategies to protect critical data, ensuring it ca be retrieved if it has been lost or destroyed due to a cyberattack. When data is stored as a backup it should be done so independent of the original data, in an offline setting as opposed to a network that may also come under threat.
- If the healthcare entity uses technology that requires manual handling, tests should be carried out to verify the controls work to satisfactory standards, should the entities network become compromised.
The following are the guidelines released by HHS, detailing the means in which healthcare entities can improve their cyberposture:
• Conduct regular security posture assessments
• Consistently monitor networks and software for vulnerabilities
• Define which department owns what risks and assign managers to specific risks
• Regularly analyze gaps in your security controls
• Define a few key security metrics
• Create an incident response plan and a disaster recovery plan
Detecting a potential threat
Healthcare organizations should ensure that individuals employed in their cybersecurity sector are alert and equipped to identify suspicious activity within the network of the entity. Logging should also be enabled within the entity, to ensure all activity is trackable. This ensures that any activity deemed to be unusual is analyzed. Healthcare entities must also assess their network’s antivirus protection and aim to be equipped with antimalware software throughout. Software and any associated tools should be frequently updated where necessary. Finally, if a healthcare entity works with business associates, the entity must monitor and assess activity to and from those organizations, reviewing the traffic’s access controls to detect and potential external threats.
The benefits of following HSS guidelines
If these guidelines are followed, the healthcare entity will benefit significantly. Primarily, the data stored by the healthcare entity will be extremely safe, with a very reduced chance of the data being unlawfully accessed, through either viewing or storage. The likelihood of data being accidentally destroyed is also lower due to the disaster recovery plan put in place by entity. In addition to the increased protection of data, an improved cyberposture mitigates the chances of fraud and cyber espionage.