Why Healthcare Must Take a Breach Containment Approach to Cybersecurity

July 2023 marks the 75^th anniversary of the UK's National Health Service (NHS), making it is a fitting time to reflect on the remarkable journey of this iconic institution and the significant changes to the healthcare industry that it has witnessed.

Over the years, healthcare has transformed in unimaginable ways, driven by advancements in medical science and technology. As a result of these advancements and the increasing demand for quality care, the healthcare industry is continuing to experience rapid digital transformation. Like many other healthcare systems, the NHS has faced unprecedented challenges over the course of their history in securing against ever-growing cyber threats.  

In this blog post, we will explore how healthcare and its security needs have changed in the context of the NHS’ anniversary and why the healthcare industry must take a breach containment approach in today’s complex threat landscape.

The NHS' challenge: Meeting today’s healthcare – and cybersecurity – needs

Founded on July 5, 1948, the UK’s NHS (National Health Service) provides medical care to more than a million individuals, making it the second-largest single-payer healthcare system in the world. From pioneering organ transplants, medical imaging advancements, and new vaccines to responding to the recent COVID-19 pandemic, the NHS has become a pioneering universal healthcare system and a center for healthcare innovation.

But the NHS, like many other healthcare systems, faces unique challenges in securing against today’s complex cyberattacks. As technology has become deeply ingrained in healthcare practices, bad actors are taking advantage of healthcare organizations to cause havoc and receive ransom payouts.  

The most important concern for healthcare industry security teams is attacks making it take longer to deliver care and limiting operations during recovery. When it comes to patient health and safety, speed is everything, and breaches can significantly slow down or even halt operations.

The NHS has increasingly faced significant cyberattacks that have made headlines worldwide:

• May 2017: The NHS fell victim to the WannaCry ransomware attack which exploited vulnerabilities in outdated Windows operating systems, spreading rapidly and causing widespread disruption to the NHS’ services.
• August 2022: Criminal hackers took offline seven health systems used by the NHS, including software used for patient check-ins, medical notes, and the NHS 111 service.

• June 2023: Bad actors compromised an NHS patient data set from the University of Manchester that holds information on 1.1 million patients across 200 hospitals.
• July 2023: Ransomware gang BlackCat claimed to have stolen 70 terabytes of sensitive healthcare data from Barts Health NHS Trust which serves more than 2.5 million patients.

Healthcare innovation is creating cybersecurity gaps

Today, many parts of healthcare are unrecognizable from just a few decades ago thanks to rapid digital and technological transformation.  

Breakthroughs in medical science and the adoption of digital solutions have revolutionized healthcare delivery. Electronic health records (EHRs), telemedicine, and connected medical devices have improved patient care, enhanced collaboration among healthcare providers, and streamlined operations.

However, these advancements have introduced new challenges in protecting healthcare resources, IoT devices, and sensitive patient data. The nature of healthcare makes the industry an attractive target for cybercriminals seeking financial gain – ransoms get paid quickly so patients’ lives are not put in jeopardy by offline systems or downed technology. Securing against these kinds of attacks has become an urgent priority for healthcare organizations.

Cyberattacks can also erode patient trust. In healthcare, trust is not just an option; it is an absolute necessity, especially for large healthcare systems like the NHS. The trust that patients place in the healthcare system is the very foundation upon which it operates, and maintaining this trust is of utmost importance.

How can healthcare prepare for increasing cyber threats? Read our Q&A with a healthcare cybersecurity expert.

Shifting from prevention and detection to breach containment

Cyber threats targeting healthcare have grown in sophistication, making prevention and detection alone insufficient. Attackers are relentless in their pursuit. Breaches are inevitable.

Recognizing this reality, healthcare organizations must transition from solely focusing on preventing and detecting breaches to adopting strategies that effectively contain and mitigate the damage when incidents occur.

• Minimizing the impact of breaches: Swift breach containment is essential to minimize the impact on patient care and operational continuity. By embracing a breach containment mindset, healthcare providers can swiftly isolate affected systems, limit lateral movement, and reduce the potential harm caused by a breach. By minimizing damage and downtime, organizations can mitigate the disruption to critical services and protect patient welfare.

• Meeting compliance and legal obligations: The healthcare industry is subject to stringent regulatory and legal obligations when it comes to data breaches. Regulations such as HIPAA and GDPR mandate that organizations implement effective breach response and containment measures. By adopting a breach containment mindset, healthcare providers demonstrate their commitment to compliance and accountability, mitigating potential legal ramifications and reputational damage.
• Fostering trust and reputation: Maintaining patient trust is paramount in the healthcare industry. Breaches can erode patient confidence and tarnish an organization's reputation. Embracing a breach containment mindset enables healthcare providers to demonstrate their commitment to patient health, data security, and their ability to respond effectively in times of crisis. This proactive approach helps rebuild trust, safeguard reputation, and preserve patient loyalty.

Illumio Zero Trust Segmentation: Strengthening healthcare cyber resilience

In the face of increasing cyber threats, healthcare systems worldwide require modern cybersecurity solutions that meet the needs of their modern networks, devices, and infrastructure. Illumio Zero Trust Segmentation (ZTS) offers a breach containment approach to stopping the spread of breaches and ransomware for healthcare organizations.  

ZTS, also called microsegmentation, allows healthcare organizations to establish granular control over workload communications. By implementing ZTS, organizations can limit lateral movement within their networks, reducing the attack surface for cyber threats. This approach ensures that even if an attacker gains access to one part of the network, they are isolated from critical systems and sensitive data.

The Illumio ZTS Platform provides real-time visibility into network traffic, enabling healthcare organizations to understand communication patterns and identify any anomalies that may indicate a cyber threat. With this level of visibility and control, healthcare providers can implement strong security policies and respond swiftly to potential breaches.

As we celebrate 75 years of the NHS, it is crucial to acknowledge the tremendous progress made in healthcare alongside the challenges posed by today’s cybersecurity threats. The NHS has shown resilience in adapting to these challenges and remains committed to providing high-quality care while protecting patient data.  

Moving forward, it is imperative for the healthcare industry, and especially the NHS, to prioritize digitization. In fact, many experts predict that the NHS’ current operational model will not be sustainable into the future. With patient needs growing exponentially over time, healthcare organizations must continue digital transformation efforts, and cybersecurity must be put at the forefront of that innovation. Healthcare can stay resilient and ensure the well-being and safety of patients for generations to come by embracing emerging technologies while adopting a proactive security approach.

Read the Zero Trust Segmentation for Healthcare Organizations guide.

Contact us today to learn more about Illumio ZTS can secure your healthcare organization against the spread of breaches and ransomware.