Securing healthcare operations: Cloud computing

As per the U.S. Department of Health and Human Services publication on healthcare cybersecurity: 

“The healthcare sector is particularly vulnerable to cybersecurity risks and the stakes for patient care and safety are particularly high. Healthcare facilities are attractive targets for cyber criminals in light of their size, technological dependence, sensitive data, and unique vulnerability to disruptions. And cyber incidents in healthcare are on the rise. For instance, HHS tracks large data breaches through its Office for Civil Rights (OCR), whose data shows a 93% increase in large breaches reported from 2018 to 2022 (369 to 712), with a 278% increase in large breaches reported to OCR involving ransomware from 2018 to 2022.”

The above statistics don’t even include the number of 2023 and 2024 cybersecurity-related incidents, with 2024 numbers likely to eclipse the 2023 total.  All this at a time when information security awareness is the highest it has ever been in terms of investment in governance and risk management (GRC) tools and technology and mandatory user trainings (to avert phishing attacks). So why are cybersecurity incidents still increasing and negatively impacting healthcare operations? 

The problem of cybersecurity is so severe that it is impossible for a single organization to mitigate the risks – rather, it requires the combined power of the IT industry and technology.   

The two prevalent computing models, on-premises and in the cloud, follow similar but different security control structures with varying effectiveness. Data security is one of the only commonalities between the models. Regardless of being on-premises or in the cloud, data security is the exclusive responsibility of the organization. However, cloud computing offers better protection in securing the perimeter, systems and environment and has a stricter compliance and control structure, which very few on-premises systems can match.

Despite the significant cybersecurity threat, organizations sometimes struggle to find financial resources to harness the cumulative power of available technologies. Even when budgets and technologies are available, there is a shortage of skilled professionals to utilize them effectively.

Even with a mature on-premises cybersecurity program, it would be a significant investment to prove that existing controls are effective. Unfortunately, penetration testing is not enough to prove program effectiveness. 

On the other hand, cloud computing offers sufficient assurance of protection, from perimeter security to the most current and updated vulnerability protection. With cloud computing, the level of investment, combined with technology and the highest level of cybersecurity management skill, remains unmatched when compared to on-premises systems and security. Compliance statements and certifications provide further routine proof of capability. The following are inherent cloud computing features which enable highly sophisticated and effective cybersecurity protection:

• Monitoring and threat intelligence: Cloud providers offer continuous monitoring and logging of activities across their infrastructure. This helps to quickly identify and respond to potential ransomware attacks.
• Threat intelligence sharing: Cloud providers often share threat intelligence and best practices with their customers, helping them stay informed about the latest ransomware threats and defense mechanisms.
• Scalability and isolation: Cloud infrastructure can quickly scale resources up or down in response to a ransomware attack, ensuring that operations can continue with minimal disruption.
• Isolation of resources: Cloud environments can isolate different workloads and users, reducing the spread of ransomware within the organization.
• Disaster recovery plans: Many cloud providers offer integrated disaster recovery solutions, which include automated failover and failback processes. This ensures business continuity even during a ransomware attack.

Regardless of the computing model (on-premises or in the cloud), the increased cybersecurity threat requires a realignment of security posture. At the federal level, initiatives such as automated cybersecurity for healthcare aim to increase visibility and awareness. At the same time, cloud computing offers a much better, more secure and compliant platform where security is an inherent feature.

Want to learn more about how to enhance your cybersecurity posture? Register here to attend our Oct. 23 webinar. 

Rajesh Srivastava, CISA, CGEIT, CRISC, PMP,  is a global cloud business director at Solventum.

Kyle Erickson is vice president, product chief information security officer at Solventum.