HEALTHCARE ORGANISATIONS SHOULD START AT THE SOURCE BY EVALUATING THE SECURITY OF ANY NEW INTERNET-CONNECTED DEVICES AND EQUIPMENT DURING THE ONBOARDING PROCESS .
D I G I T A L D I A G N O S T I C S
HEALTHCARE ORGANISATIONS SHOULD START AT THE SOURCE BY EVALUATING THE SECURITY OF ANY NEW INTERNET-CONNECTED DEVICES AND EQUIPMENT DURING THE ONBOARDING PROCESS .
Unless healthcare organisations block those attack paths , they ’ ll perpetually be playing catch up to the next vulnerability .
Network segmentation is also critical , whenever possible to achieve network isolation . But organisations must first understand their potential attack vectors : those that segment networks without first understanding ‘ why ’ and where to prioritise their focus will find their efforts far less effective . Networks must also be continuously monitored for anomalies . This process should include the ability to set network rules , easily comb through data and receive insights that indicate key issues and threats .
Forensic analysis action plans must also be part of any threat identification and mitigation playbook . The ability to collect data at the time of an incident is critical . Policies and procedures should be thoughtfully maintained and businesses should perform tabletop exercises regularly to ensure their plans remain appropriate and optimised . externally , unsecured running services and employees ’ dangerous behaviour are all important risk vectors to identify and address . Because these threats change across devices , across healthcare facilities and over time , organisations should automate exploit analysis to better understand the paths that attackers could take to compromise their environments .
The same attack paths are often reused over and over again , even while the underlying application or service exploited is different .
A clear , predetermined strategy and process for regular system patching is also critical .
Secure devices from start to finish
Last but certainly not least , healthcare organisations should start at the source by evaluating the security of any new Internetconnected devices and equipment during the onboarding process . Identifying any risks to newly procured devices will pay dividends when it comes to mitigating ongoing risks in the long term .
By enlisting the methods outlined above to achieve greater visibility and prepare effective mitigations , healthcare organisations can more successfully navigate around zero-day exploits that will inevitability put their security to the test . �
www . intelligenthealth . tech 65