In today's rapidly evolving digital landscape, offensive security has emerged as a crucial strategy for organizations, particularly in the healthcare sector. In our latest industry cut, The Offensive Security Blueprint for Healthcare, we share a comprehensive analysis based on input from 100 participants representing healthcare organizations (15% of the total sample) in Ponemon Institute's 2023 State of Offensive Security Report.
This industry analysis serves a dual purpose:
- Empower healthcare security leaders to gain a profound understanding of the current offensive security practices that are shaping the healthcare industry
- Strengthen security strategies by sharing the essential elements that must be integrated into your security approach for robust protection
Don't miss out on this authoritative report that will equip you with the knowledge and strategies necessary to safeguard your healthcare institution in an ever-changing threat landscape.
Research Findings: Healthcare
The healthcare sector is a prime target for digital threats due to its sensitive patient data. However, our analysis shows that healthcare organizations with mature security programs are diligently taking proactive measures to identify and address potential vulnerabilities. These organizations should be looked to as prime examples in the industry for effectively combating modern adversaries.
The most common offensive security practices employed by these organizations include red teaming, application security, network testing, and IoT testing for medical devices. In fact, 63% of these organizations believe that these practices have effectively strengthened their defenses against top cyber threats.
By adopting these proactive measures, healthcare organizations are taking a strong stand against digital threats and safeguarding the privacy and security of patient data.
Usage of Offensive Security
Healthcare organizations prioritize offensive security testing for their internal and external networks (50%) and IoT testing/product security (51%) at a slightly higher rate than other industries (47% and 49% respectively). This is largely due to government regulations, such as HIPAA, and recommendations from certification agencies, like HITRUST. However, they fall behind in utilizing other offensive security services compared to their counterparts in different sectors.
Historically, the healthcare sector has been hit by ransomware attacks that propagate throughout the network and impact the entire system. These ransomware attacks not only impact internal IT systems but can be detrimental to patient care, and even fatal. Consequently, safeguarding network infrastructure is vitally important, which is evidenced by the industry's emphasis on internal and external network testing. Ensuring the uninterrupted operation of critical healthcare systems and protecting sensitive patient data are paramount to the safety and well-being of patients.
In addition, medical device security and IoT testing are both growing trends as the world becomes even more interconnected. The pandemic fueled these trends, as we saw with the explosion of in-home care options and connected devices to better monitor patient health.
FIGURE 1 - Does your organization's offensive security strategy include any of these services?
Drivers for Offensive Security Testing
In addition to the explosion of medical devices, the global pandemic dramatically reshaped the healthcare sector in terms of embracing new technology like telehealth services. In fact, 46% of healthcare organizations with mature security programs consider "new technology adoption" as a top priority for offensive security testing, slightly surpassing the industry average (44%). Unsurprisingly, regulatory and third-party compliance are also a major focus for healthcare organizations, with 42% prioritizing it. Additionally, the sector heavily depends on cloud-based solutions and new applications to provide top-notch patient care, as indicated by the figures of 37% for ‘cloud migration’ and 38% for ‘new application releases’.
FIGURE 2 – Which of the following use cases has driven offensive security testing in your organization in the last 18 months?
Executive oversight and mergers and acquisitions have emerged as critical priorities in the healthcare industry. Surprisingly, healthcare organizations are placing more emphasis on these areas compared to other industries. In fact, 23% of healthcare organizations consider executive oversight important, surpassing the industry average of 21%. Similarly, 25% of healthcare organizations prioritize mergers and acquisitions, exceeding the all-industry average of 23%. Moreover, in response to the challenges brought by the pandemic, leaders increasingly acknowledge the importance of executive-level involvement in security programs to guarantee the safe and efficient provision of healthcare services in a new era of digital healthcare.
Top Cyber Threats
Insider threats, ransomware, and zero-day exploits are the key concerns for healthcare organizations, accounting for a significant 45%, 43%, and 38%, respectively. These priorities set them apart from the all-industry average, which prioritizes ransomware at 41%, social engineering attacks at 40%, and cloud vulnerabilities at 39%.
FIGURE 3 – What types of cyber threats are driving your offensive security investments?
Red Team Services
Healthcare organizations understand the criticality of conducting regular testing that mimics real-world situations and potential threats. The industry is increasingly inclined (66%) towards conducting Red Teaming exercises on a quarterly, monthly, or continuous basis, showing a strong dedication to constant vigilance. Furthermore, healthcare organizations are highly motivated to substantially or moderately boost their investments in Red Teaming (58%) in the next one to two years. This unwavering commitment to thorough testing and increased investment underscores the industry's firm resolve to ensure robust security measures.
FIGURE 4 – Which Red Team services are most important for your organization to test?
Cloud Security
Our study unveils a clear inclination towards the utilization of public cloud in the healthcare sector, with leading providers identified as AWS, Azure, and IBM. Healthcare institutions value cloud configuration reviews slightly more (41%) compared to the general industry (38%), and threat analysis even more so (47% vs. 41% industry-wide). The nearly identical importance attached to penetration testing (58% for healthcare vs. 59% industry-wide) and assumed-breach scenarios (26% vs. 27%) across different sectors underscores a mutual recognition of their crucial role in an aggressive cybersecurity approach.
FIGURE 5 – Which cloud service provider is your organization currently using?
Conclusion
The healthcare industry is making significant progress in securing its environment, as evidenced by the Ponemon data, which surveyed healthcare organizations with advanced security programs and revealed their commitment to offensive security. These organizations prioritize internal Red Teaming, favor public cloud usage, and make substantial investments in securing medical devices.
Unlock the full power of the Healthcare industry cut with our comprehensive analysis. Discover why healthcare organizations are investing in their offensive security capabilities and learn how you can implement these game-changing tactics in your own organization. Don't miss out on this opportunity to stay ahead of the curve. Download now.
Subscribe to Bishop Fox's Security Blog
Be first to learn about latest tools, advisories, and findings.
Thank You! You have been subscribed.
Recommended Posts
You might be interested in these related posts.
Sep 17, 2024
Navigating DORA Compliance: A Comprehensive Approach to Threat-Led Penetration Testing
Aug 28, 2024
Offensive Security Under the EU Digital Operational Resilience Act (DORA)
Aug 13, 2024
Manipulating the Mind: The Strategy and Practice of Social Engineering
Aug 01, 2024
Adversarial Controls Testing: A Step to Cybersecurity Resilience