Tag Archives: BYOD

Palo Alto Networks : Not Enough Cybersecurity Staff In Healthcare

Palo Alto Networks revealed that despite an increase in cybersecurity budgets, there is a lack of dedicated cybersecurity staff in the healthcare industry.

 

SINGAPORE, 29 November 2017 – As the adoption of digital technology in the healthcare industry accelerates, there is an increasing need to protect another side of patients’ and healthcare organisations’ well-being – the security of their personal data. This emphasis on protecting data and mitigating cyberthreats is reflected in the industry’s significant investment into cybersecurity.

According to a recent survey by Palo Alto Networks, about 70 percent of healthcare organisations in Asia-Pacific say that 5 to 15 percent of their organisation’s IT budget is allocated to cybersecurity.

The survey was conducted amongst more than 500 business professionals in APAC, covering Australia, China, Hong Kong, India and Singapore markets.

However, despite substantial budgets, the healthcare industry seems to need to catch up with its peers in terms of cybersecurity talent: only 78 percent have a team in their organisations dedicated to IT security, the lowest among the industries surveyed. This is also well below the industry-wide average of 86 percent.

 

Risk factors

Aside from monetary loss associated with data breaches and availability of connected devices which monitor patient lives, healthcare professionals are most worried about the loss of clients’ contacts, financial or medical information – 30 percent have cited loss of details as key. Fear of damaging the company’s reputation among clients comes next at 22 percent, followed by 17 percent citing company downtime while a breach is being fixed as a concern.

Cybersecurity risks in healthcare organisations are also amplified with BYOD (Bring Your Own Device), with 78 percent of organisations allowing employees to access work-related information with their own personal devices such as their mobile phones and computers. In addition to this, 69 percent of those surveyed say they are allowed to store and transfer their organisation’s confidential information through their personal devices.

While 83 percent claimed there are security policies in place, only 39 percent admit to reviewing these policies more than once a year – lower than the 51 percent of respondents from the finance industry, a sector also known to hold sensitive client data.

Call to get in shape for the future

As more healthcare organisations fall prey to cyberattacks, such as ransomware, a lapse in data security is a real threat to the industry, hence organisation-wide education and awareness are crucial towards ensuring that the right preventive measures are implemented and enforced.

54 percent of the respondents cited an inability to keep up with evolving solutions as a barrier to ensuring cybersecurity in their organisations, and 63 percent of respondents named an ageing internet infrastructure as the likely main reason for cyberthreats, should they happen.

 

Palo Alto Networks Tips For Healthcare Organisations

Here are some tips for healthcare organisations:

  • Ensure that medical devices are equipped with up-to-date firmware and security patches to address cybersecurity risks. Medical devices are notoriously vulnerable to cyberattacks because security is often an afterthought when the devices are designed and maintained by the manufacturer. These precautionary measures may include keeping an inventory of all medical devices, assessing the network architecture and determining a patch management plan for medical devices, as well as developing a plan to migrate medical devices to the medical device segment.
  • Apply a zero trust networking architecture for hospital networks, making security ubiquitous throughout, not just at the perimeter. Healthcare organisations should look to segment devices and data based on their risk, inspecting network data as it flows between segments, and requiring authentication to the network and to any application for any user on the network.
  • Practices such as BYOD and some employees’ ability to store and transfer confidential information through their personal devices put them at a higher risk of phishing attacks. To prevent this, healthcare providers should ensure that staff undergo regular end-user security training to reduce successful phishing. Cybersecurity best practices can be taught as a new hire class for every employee.
  • As healthcare organisations migrate portions of their critical infrastructure and applications to the cloud, it becomes imperative to deploy an advanced and integrated security architecture that prevents cyberattacks on three prongs: the network, the endpoint and the cloud. Traditional antivirus will not be effective in guarding against advanced malware such as ransomware, which continuously changes to avoid detection.

Microsoft SIR : APAC Vulnerable To Malware In 2017

7 February 2017 – Microsoft today marked “Safer Internet Day” with regional findings from the Microsoft SIR (Security Intelligence Report), Volume 21, a twice-yearly report that provides unique insights into the threat landscape to help organizations learn about trend data in industry vulnerabilities, exploits, malware and web-based attacks.

The Microsoft SIR report, released in December last year, identified Asia Pacific markets, especially the emerging ones, as among those at the highest risk of cybersecurity threats. Three out of the top five global spots for rate of malware encounters are in the region. Malaysia placed 11th amongst the top markets in Asia Pacific under malware threats. Furthermore, Malaysia reported a malware encounter rate of more than 27.6 percent, compared to the worldwide encounter rate of 20.8 percent during the same period.

Two of the top five locations across the globe most at risk of infection were neighbouring countries Vietnam and Indonesia. Other top markets under malware threats include large developing markets and Southeast Asian countries – Mongolia, Pakistan, Nepal, Bangladesh, Cambodia, the Philippines, Thailand and India – each with encounter rates of more than 30 percent.

However, markets in the region with higher levels of IT maturity such as Japan, Australia, New Zealand, South Korea, Hong Kong and Singapore have displayed malware encounter rates that are below the worldwide average, highlighting the diverse cybersecurity landscape in the Asia Pacific.

Top Markets in the Asia Pacific under Malware Threats in the Microsoft SIR :

  1. Mongolia
  2. Vietnam
  3. Pakistan
  4. Indonesia
  5. Nepal and Bangladesh
  6. Cambodia
  7. Philippines
  8. Thailand
  9. India
  10. Sri Lanka
  11. Malaysia
  12. Taiwan
  13. China
  14. Singapore
  15. Hong Kong
  16. South Korea
  17. Australia
  18. New Zealand
  19. Japan

 

Top Encountered Malware in Asia Pacific

The Microsoft SIR report showed that the top most encountered malicious software families in Malaysia include:

  • Gamarue, a worm which can give a malicious hacker control of your PC, steal information and change PC security settings;
  • Lodbak, a trojan that is usually installed on removable drives by Gamarue, and which attempts to install Gamarue when the infected removable drive is connected to a computer; and
  • Peals, a generic detection for various threats that display trojan characteristics.

In particular, Gamarue, the most commonly encountered non-generic threat, was encountered by 3.3 percent of computers. This worm is commonly distributed via exploit kits and social engineering and can also be attached to spam mails.

Gamarue’s variants can give a malicious hacker control of the infected computers and have been observed stealing information from the devices and communicating with command-and-control (C&C) servers managed by attackers. Gamarue also makes unwanted and malicious changes to the local computer’s security settings.

Jasmine Begum, Director, Corporate External & Legal Affairs (CELA), Microsoft Malaysia said, “With increasing malware encounters and sophistication of cyberattacks, cybersecurity is becoming a mission critical priority for most organizations. It generally takes an average of up to 200 days for organizations to find out that they have been breached. With no sign of abatement in the future, what companies need is a Secure Modern Enterprise posture, which involves well-integrated ‘Protect-Detect-Respond’ investments and capabilities, with a strategic focus on the core pillars – Identity, Apps, Data, Infrastructure and Devices. Additionally, organizations should also strongly consider adopting trusted cloud-based services to enjoy the highest levels of data protection, leveraging the cloud provider’s enterprise-grade security and privacy expertise, assurances and certifications.”

Security teams should also keep abreast of changes in the threat landscape brought about by the emergence of cloud computing. The latest report contains an expanded Featured Intelligence section that includes a deep dive section titled “Protecting cloud infrastructure: detecting and mitigating threats using Azure Security Center”. This section details new threats that organizations may encounter and explains how they can use Azure Security Center to protect, detect, and respond to security threats against Azure cloud-based resources.

Some of the new cloud-targeted threats outlined in the Microsoft SIR are:

  • Pivot back attacks, which occur when an attacker compromises a public cloud resource to obtain information that they then use to attack the resource provider’s on-premises environment.
  • “Man in the Cloud” attacks, in which an attacker induces a prospective victim to install a piece of malware using a typical mechanism, such as an email with a link to a malicious website. The malware then switches out the user’s cloud storage synchronization token with the attacker’s token, allowing the attacker to receive copies of each file the user places in cloud storage. This effectively makes the attacker a “man in the middle” for cloud storage.
  • Side-channel attacks, where an attacker attempts to put a virtual machine on the same physical server as the intended victim. If he succeeds, the attacker will be able to launch local attacks against the victim. These attacks might include local DDoS, network sniffing, and man-in-the-middle attacks, all of which can be used to extract information.
  • Resource ransom, where attackers hold cloud resources hostage by breaking into and controlling a public cloud account, and then require the victim to pay a ransom to release encrypted or restricted resources.

Organizations need to ensure they have a robust cybersecurity posture to withstand and respond effectively to most cyberattacks and malware infections.

Five best practices for improving defence against cybersecurity threats are:

  • Ensure strong fundamentals: Use only genuine, current and updated software. The usage of IT assets which are old, unprotected, or non-genuine in nature substantially increases the chances of a cyberattack. For example, pirated and counterfeit software is known to come with embedded malware infections.
  • Focus on cyber hygiene: Poor cyber hygiene of IT users, negligent employee behaviour or weak credentials/password protection within an organization add a high degree of vulnerability to system compromise. The more personal devices are used at the workplace, the higher the chance that they are infected.
  • Have a data culture: Develop a big data analytics culture involving data classification, multifactor authentication, encryption, rights management, machine learning for behavioural analytics and log analytics to spot user anomalies and irregular or suspicious patterns, which could provide potential clues in advance to prevent impending or ongoing security breaches.
  • Invest in a robust cyber defence ecosystem and monitor all systems in real time: Invest in trusted security solutions and modern threat protection technologies to monitor, detect and remove common and advanced cyber threats in real time, while developing in-house expertise to undertake threat analytics.
  • Regular assessment, review and audit: Be comprehensive on all aspects of cybersecurity, not just technology. Have a trusted IT supply chain across cloud, software, hardware, Internet of Things and BYOD (bring your own device), and regularly review and assess cybersecurity investments and the performance of both software and hardware deployment, including customer and vendor access to the corporate network.

Resources like the Microsoft SIR (Security Intelligence Report) are just one aspect of Microsoft’s comprehensive approach to security – including a holistic platform, unique intelligence and broad partnerships – which is critical to enabling the digital transformation of leading organizations in Asia.

As part of Microsoft’s commitment to building trust in technology in the region, it launched its first combined Transparency Center and Cybersecurity Center in October 2016. Located in Singapore, the joint facility brings together Microsoft capabilities in a single location in Asia Pacific, to serve the security needs of the public and private sector and foster the building of a trusted and secure computing environment.
