Australia’s healthcare has been consistently targeted by cyber criminals in recent years. In fact, healthcare has reported the highest volume of data breaches across all Australian sectors since 2018, according to the OAIC’s Notifiable Data Breaches Report.
These attacks have brought major healthcare providers to a standstill. For example, a local health district that operates major hospitals in Melbourne experienced a cyber-attack that resulted in its IT systems going offline and surgeries being cancelled, forcing them to resort to manual paper-based processes.
If a cyber attack can have such a profound impact on a major health organisation, imagine the impact on smaller healthcare providers in rural or remote areas, which typically have weaker cybersecurity postures and significantly fewer resources.
As of 2023, there were 700 public hospitals in Australia, of which the majority (511) were located in regional, rural and remote areas. These healthcare providers play a critical role in supporting patients in these rural and remote communities. They cannot afford for their local hospitals to experience cyber attacks that lead to delayed patient care or downtime of any kind, as the nearest hospital may not be easily accessible.
Security obstacles
There are a number of unique constraints on small to medium-sized healthcare providers, which make it difficult for them to implement robust cybersecurity measures. For example, these healthcare providers may have limited staff overall (which means a much smaller team dedicated to cybersecurity, if any). They also have lower budgets and aging infrastructure, which all lead to gaps in their security posture.
As a result, cybercriminals have specifically targeted rural and remote health networks in recent years. In 2019, one regional hospital network in Victoria suffered a severe ransomware attack, which caused its systems to go offline and patient surgeries to be delayed or cancelled altogether. The affected hospitals had to revert to manual systems to maintain services and work with cybersecurity experts to regain access to their systems, which caused significant stress and financial losses.
As rural and remote healthcare organisations continue to be a target for cyber criminals, healthcare providers must recognise that it is not only patient data that is at risk – it’s also things like building management systems (BMS) and medical devices, which are all connected to the internet too. In fact, recent research by Claroty found that approximately one quarter of medical devices surveyed contained security vulnerabilities.
Critical factors
However, with the right cybersecurity policies and protection in place, rural and remote healthcare providers can overcome these challenges and build a long-term foundation for better cybersecurity.
How can rural and remote healthcare providers protect themselves?
There are a few critical factors that rural and remote healthcare providers should keep in mind when searching for the right cybersecurity solution. Specifically, cybersecurity tools must:
1. Provide strong visibility of all internet-connected devices and other assets
Having an accurate list of all the devices and other assets that are connected to the internet is the foundation of any healthcare organisation’s cyber strategy. After all, you cannot protect every device in your network if you don’t even know it even exists, or you don’t know its location and connection to other devices in your network. Security tools must be able to automatically map this out for you.
2. Identify the most critical security vulnerabilities and recommend remediation strategies
Security teams in major health providers already have an impossibly long list of vulnerabilities to address. This situation is even worse for rural and remote healthcare providers who have fewer resources to identify which exposures pose the greatest risk to their operations. That’s why health providers should look for a cybersecurity solution that can rank these vulnerabilities based on their impact on critical operations and recommend a plan of attack. This helps them prioritise which security issues to fix first, and alleviates the pressure on security teams by taking out some of the guesswork.
3. Suggest and enforce policies to protect network infrastructure
Applying the right policies to each device in your network is critical to improve your overall security posture. For example, some devices/assets in a healthcare setting may require stricter login credentials than others. With so many different devices to keep track of, healthcare providers should look for a solution that automates the enforcement of these policies and makes suggestions based on best practices in healthcare environments.
4. Align with relevant industry frameworks
Healthcare providers should look for a solution that aligns with Australia’s relevant cybersecurity frameworks, such as the Australian Cyber Security Centre’s (ACSC) Essential Eight, the National eHealth Security and Access Framework (NESAF), and the Security of Critical Infrastructure (SOCI) Act. By aligning cybersecurity practices with established healthcare benchmarks, organisations can achieve greater compliance with the often-confusing regulations set forth by the government and industry bodies.
5. Integrate with current security solutions
Implementing a new cybersecurity solution doesn’t mean starting over from scratch. If a healthcare provider has already installed basic cybersecurity solutions such as firewalls or network access controls (NACs), new security tools should be able to integrate seamlessly with these, rather than adding any new complexity.
The takeaway
Rural and remote healthcare providers face the same cyber threats as larger health organisations, yet they often lack the resources to adequately protect themselves. As they work to strengthen their cybersecurity and protect their patients and data, investing in the right cybersecurity technology can make all the difference when it matters most.
