Digital consumption and our dependence on digital technology have only surged ever since the virus crept into our lives. It opened opportunities in the new normal, but a host of new threats have also emerged. Thus, safer digital platforms have become imperative for generations to come. Thus, Safer Internet Day (occurring every February) aims to reinforce the importance of online safety and responsibility among children and youth, the predominant users of digital media today. It started in 2004 as an initiative under the first Safer Internet Action Plan of the EU-funded SafeBorders project. The Insafe (the network of Safer Internet Centers) took up the initiative. It has now expanded its reach beyond its initial geographic boundaries.
Safer Internet for the Healthcare Industry
The healthcare industry is no stranger to the risks of managing digital data. One needs to keep in mind the mountains of sensitive information it processes every day. These risks grew with the disruption caused by the pandemic that necessitated an accelerated adoption of digital technology to ensure business continuity. The pandemic pushed the industry out of its rigid office premises into a more flexible WFH model.
Compliance and data security are pivotal to the healthcare industry - expertise in which are often competitive advantages. What was once enforced through strict protocols, predominantly physically executed by the organizations, now has to be delivered virtually. The priority is to safeguard the systems with adequate measures while also ensuring a sustained vigil for threats. While remote working has enabled organizations to keep the figurative 'lights on' it has, on the other hand, opened up a box of emergent threat sources. To begin with, CISOs must ensure that they regularly update and log all security controls. This is of paramount importance, providing valuable inputs for the next steps of the threat life cycle management process. Remote forensics must enable to account for the modified state of working models and IT environments.
Cybersecurity risks
Another challenge for the CISOs amidst the pandemic has been the lack of professionals in cybersecurity. While the measures implemented across organizations have been undeniably commendable, the CISO community needs to pursue threat life cycle management, which typically involves monitoring, discovery, qualification, response, and recovery. These activities need pursuance with a sense of purpose and endurance. Relevant metrics need to be established and relentlessly acted upon too.
HIPAA reports that the year 2020 saw healthcare data breaches of 500 or more records, at a rate of more than 1.76 per day. Healthcare providers, health plans, healthcare clearinghouses and business associates of those entities reported 642 large data breach – 25% more than a previously record-breaking 2019. Furthermore, a 71% increase in ransomware attacks on healthcare providers was recorded in October. Along with that, there was a 45% increase in healthcare cyberattacks in the last two months of 2020.
With the potential of emerging technologies to elevate the performance and outcome, there is immense scope for embracing AI/ML and replacing manual processes of discovery and qualification. This can provide valuable insights and enable real-time alerts. Secure-by-design needs should act as a critical component in every digital transformation-related discussion.
And it's a wrap
The industry has witnessed a paradigm shift in the perception of security - from mere cost centres to ‘a key enabler of resilience’. With the pandemic, it has been a wake-up call for organizations to reimagine and redefine their security infrastructures. It is also essential to measure the performance of the newly-devised systems— in terms of the impact delivered and the risk reduced for the organization, which will help set the right context for the way forward. The organisational culture must practice data security, risk, and compliances as necessities. Only then, safer Internet can automatically become a habit for individuals.