Today’s hidden cybersecurity risks – and how health leaders can avoid them
Healthcare cyber warfare is on the rise.
Insurers, health systems, pharmaceutical companies, biotech and engineering firms each face their own unique security challenges, yet they all share one thing in common – digital security breaches are extremely costly in terms of both dollars and reputation.
Patient records, healthcare data and intellectual property are all valuable targets. The frequency of IP theft in the healthcare industry proves that this sensitive data is vulnerable even when executives think it secure. The vulnerability of healthcare IP arises from two sources: defects in the static infrastructure designed to protect confidential data at rest and in transit, and – less obvious – the inadequate protection of the metadata surrounding data transmissions. While logic might indicate that a static, fixed target is a suboptimal defense posture, metadata is often overlooked as a vulnerability.
Take drug development, for example. Pharmaceutical companies often disclose major announcements, such as the outcome of a clinical trial, by first contacting a series of necessary parties in a timed order based upon a pre-agreed document the company holds. The timing of these interactions and the identities of the parties involved become valuable to hackers and prying eyes, as it allows them to understand relationships, forecast next steps and map out company strategies – all accessible as metadata, even in encrypted communications.