A Blueprint for Securing the Healthcare Sector’s Digital Future

Healthcare organisations need to embrace the idea that cybersecurity is now an inseparable part of patient safety.

By Mr. Yeoh Keat Chuan, CEO, Ensign InfoSecurity

According to the latest report by the Cyber Security Agency of Singapore (CSA), the number of cybercrime cases in our nation has risen over the years – hitting a high of 5,430 reported cases, or an average of nearly 15 cases a day, in 2017 and incurring an economic loss of more than S$95 million.

However, these figures are most likely only the tip of the ice. The unfortunate truth is that there will be many more cybersecurity incidents that go unreported or have not been discovered.  

As cyberattacks become increasingly frequent, sophisticated and unpredictable, many organisations in Singapore are struggling to build a cyber-resilient infrastructure while continuing to push their digital transformation efforts forward.


The Impact of Cyberthreats on Healthcare Organisations

While cybersecurity is critical for organisations across all industries in Singapore, it is particularly vital for the healthcare sector. Successful cyberattacks in this industry will not only lead to the loss of sensitive data and incur massive, perhaps irreparable, reputational and economic damages, it can also potentially put patients’ lives at risk.

For example, Health Sciences North (HSN), a public hospital and academic health science centre in Canada, recently suffered a malware attack which resulted in the forced shutdown of its IT systems as well as services delays and congestions at the Emergency Response department. Healthcare is one of the few sectors where the disruption of services can physically endanger people’s lives.

In the same vein, healthcare data needs to be highly secure because of the intimate details involved. Unlike other types of records, such as banking records or emails, healthcare data breach victims will not be able to rectify the loss of data by updating their particulars or changing their passwords.   

Healthcare organisations need to embrace the idea that cybersecurity is now an inseparable part of patient safety, and they have an increased regulatory and moral responsibility to protect the personal data that is stored in their systems.


Creating a Cybersecurity Blueprint to Address Future Threats

To understand more about the cybersecurity challenges that healthcare institutions face and, more importantly, how they can strengthen their cyber resiliency, we recently organise a luncheon with several leaders and Chief Information Security Officers (CISOs) from Singapore’s healthcare sector as well as General Keith Alexander, Founder and CEO of IronNet Cybersecurity
Yeoh Keat Chuan with Gen. Keith Alexander

I spoke with Gen. Keith Alexander, CEO of IronNet Cybersecurity, at the luncheon to get his insights on how healthcare organizations can better protect themselves using the latest technologies. 


Based on our discussion on how healthcare organisations can elevate their security posture, here are four approaches that these firms need to consider when developing their cybersecurity blueprint and plans.  


  1. Containing risks using game-changing behavioural analytics technology

    The threat landscape has evolved significantly over the years and state-sponsored attacks are one of the key concerns that many CISOs and business leaders have. And defending against such sophisticated attacks is no easy feat as these well-trained, highly motivated threat actors will usually employ a range of tactics and techniques to circumvent existing security measures.


    User and Entity Behaviour Analytics (UEBA) is a game changer that can empower healthcare organisations to address this threat by equipping them with more comprehensive detection capabilities that are able to identify external attacks and insider threats with greater precision.


    Leveraging a host of technologies such as packet and signature detection, log analysis, and artificial intelligence (AI), UEBA investigates network traffic and recognises actions that deviate from the regular behaviour of users. This enables organisations to accurately identify false positives, detect and block attempts of a breach and, if necessary, take appropriate measures.


  2. Closing cybersecurity gaps with enterprise-wide NetFlow monitoring

    One of the key steps to creating a secure digital environment is to have complete network visibility. After all, organisations cannot protect themselves against attacks they cannot detect. However, many of the advanced threats that healthcare institutions encounter today capitalise on visibility gaps that conventional cybersecurity solutions are unable to monitor and plug. 


    To counter attacks that exploit these blind spots, healthcare institutions can consider organisation-wide NetFlow monitoring solutions, such as IronNet’s flagship platform – IronDefense, that analyse network traffic at machine speed to deliver scalable network behavioural analytics and integrated packet-level cyber hunt. This provides the organisations with high-fidelity detection and visibility across their digital estate.


  3. Strengthening defence through sectoral cyber threat intelligence sharing

    Today’s malicious threat actors are formidable adversaries as they can rapidly change their tactics, techniques and procedures to avoid detection. As a result, fewer and fewer companies are able to protect the sensitive data under their care all by themselves.


    Cyber intelligence sharing, especially information that is specific to the healthcare sector, will be a critical tool for healthcare institutions as it will enable them to avoid the missteps of their peers, deploy proven, effective security measure and strengthen cyber resilience across the organisation. And when platforms, such as IronNet’s IronDome, provide real-time, anonymous intelligence with trusted peers and governments, it allows the entire healthcare sector – ranging from medical providers to third-party suppliers to other stakeholders - to collectively respond to highly coordinated threats.


  4. Addressing the talent crunch with CISO-as-a-service

    Cybersecurity today is no longer just an IT issue, but one of business risk. As such, it is critical to plan out an overall cybersecurity strategy to meet the organisation’s unique business needs and challenges as well as to reduce the level of cybersecurity risk. And this is a role that is often carried out by the CISOs.

    However, Asia Pacific today is facing a severe cybersecurity talent crunch and there is a dearth of talent with that depth of experience. In Singapore alone, we are already facing an estimated gap of 3,400 cybersecurity professionals by 2020.

    CISO-as-a-Service can help to alleviate the situation and provide organisations with the strategic directions they need to mitigate their cybersecurity risks. This service can also cover the directing of risk remediation efforts and the evaluation of their effectiveness while enabling healthcare firms to tie together strategy, policies, and processes for a more holistic, effective cybersecurity implementation.

    While healthcare organisations continue to adopt new technologies and digitally transform themselves to improve patient care outcomes, drive medical breakthroughs and curb rising costs, they are also becoming increasingly attractive targets for cybercriminals due to the treasure trove of personal data that is stored and transmitted in their networks.

    By understanding the nature of present and future cyber risks while tapping on the power of the latest cybersecurity technologies and approaches, healthcare institutions will be able to devise a more effective, comprehensive and scalable cybersecurity blueprint that is capable of addressing today’s gaps and mitigating tomorrow’s threats.



Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence