Healthcare organisations are operating in an increasingly complex environment.

In addition to effects of Covid-19 which are still being felt all over the world, providers are also dealing with the ‘great resignation’ which is seeing thousands of healthcare workers leave the industry. They are also facing a significant rise in cybersecurity attacks. The increase in security breaches and attacks is due, in part, to the expansion of the attack surface and the strained infrastructure that many providers maintain. 

A study by the Ponemon Institute in Michigan, USA, found that in 2019 the average cost of a breach for a healthcare organisation was approximately $8 million, and trending upwards. According to a report by the US Department of Health and Human Services, a breach can exceed $400 for each patient record that is exposed, elevating the importance of establishing strong risk management practices. 

In response to this, Microsoft continues to expand its commitment to privacy, security and compliance, pledging $20 billion investment in cybersecurity research and development between 2022 and 2027. This enables us to continue responding to customers’ increasing demand for effective security products.  

Microsoft is also working with security innovators, which are extending the capabilities of our tools in response to the specific threats faced by healthcare organisations. The goal of cybersecurity is to predict, prevent, detect, and respond to attacks. Noname, Illusive, Infinipoint and Cynerio are leading, early-stage businesses that are at the forefront of innovation and are approaching cybersecurity from different angles. 

Noname Security’s platform identifies cyberattacks on application programming interfaces (APIs) automatically and brings deep traffic insights to existing gateways and server-based environments, using artificial intelligence models specifically tailored for API security.  In modern healthcare applications, the back end – which is often based on APIs – acts more like a direct proxy to the data. A flawed API can therefore lead to sensitive data exposure, account takeover and even denial of service – which renders a machine or network resource unavailable to its intended users. Noname’s approach counters this by protecting APIs in real time and detecting vulnerabilities and misconfigurations before they are exploited.  

The Noname API Security Platform does not require agents or network modifications, and offers deeper visibility and security than API gateways, load balancers and web application firewalls. For one North American healthcare organisation, Noname was able to detect 500 APIs, 49 of which had security vulnerabilities that it quickly and efficiently remediated.  

Illusive is also working within healthcare security, protecting customers by continuously discovering and automatically mitigating privileged identity risk. The firm gives healthcare providers’ security teams the visibility they need to prioritise risk mitigation efforts, enable zero-trust initiatives, and avoid ransomware.  

“Illusive Attack Surface Manager gives us many more pieces of the puzzle in a single dashboard,” said the security analyst from one of Illusive’s healthcare customers. “We significantly reduced the organisation’s attack surface by disabling, deleting or adjusting policies and access credentials, and now we can see exactly what’s going on.” 

The zero-trust philosophy has been gaining momentum in recent years, matching the increasing number and severity of cyberattacks in all industries. Where network perimeters were previously secured based on verifying a user or device the first time it came into contact, zero trust ensures that users are continuously authenticated, authorised, and validated.  

Infinipoint is delivering zero-trust security to its healthcare customers through its device identity-as-a-service solution. With it, enterprises of all sizes can automate their ‘cyber hygiene’ and increase visibility across their entire IT estate.  

Infinipoint provides single sign-on authorisation integrated with risk-based policies and one-click remediation for non-compliant and vulnerable devices. One of its customers, which focuses on providing access to online telehealth services for brick-and-mortar providers, wanted to ensure that each telehealth session complied with the USA’s Health Insurance Portability and Accountability Act (HIPAA), without being intrusive during the telehealth sessions and without knowing the exact security posture of the provider. Infinipoint was able to execute unintrusive HIPAA security checks and offer low-friction, self-service remediation for physicians’ non-compliant devices. 

Securing the wide range of devices that enable healthcare providers to operate properly is one of the industry’s greatest security challenges. New York-based Cynerio is helping healthcare systems to secure the millions of internet of things, internet of medical things, and operational technology devices found throughout their environments. Its platform identifies device- and network-based risks, and then provides effective mitigation and remediation actions based on a zero-trust framework.  

Cynerio’s dedicated focus on healthcare environments minimises noise, provides actionable insights, and enables effective and rapid risk reduction in even the most overburdened healthcare environments. While working with MarinHealth in California, USA, Cynerio was able to neutralise an active attack which drove an overarching approach to innovating and improving medical device security for the healthcare provider.  

Sally Ann Frank is worldwide lead for health and life sciences at Microsoft for Startups 

This article was originally published in the Summer 2022 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.

Share this story