This presentation delves into the many cybersecurty risks that plague the healthcare industry and how these risks can be mitigated with the help of security solutions that Seqrite offers.
2. Enterprise Security Solutions by
INTRODUCTION
Technology has touched every aspect of our
lives, be it using Google Maps to get to a new
place or getting on a quick Skype call with a
family physician.
And amidst all the benefits that technology
has delivered, lies our personally identifiable
information (PII). While we have started to
become cognizant about data security, still
most of our information remains vulnerable
to cybercriminals.
And one such information is
healthcare data and records.
2
3. Enterprise Security Solutions by
HEALTHCARE INFORMATION
IS IN HIGH DEMAND BY
CYBERCRIMINALS.
THE REASON IS OBVIOUS.
These records include:
- Home addresses
- Phone number
- Email IDs
- Insurance details
- Medical history
- Driver license details
- Emergency contacts
- Credit/debit card information, etc.
ONCE CAPTURED, THIS DATA CAN BE USED TO
LAUNCH SPEAR PHISHING SCAMS, IDENTITY
THEFT, & SOCIAL ENGINEERING FRAUDS.
3
4. Enterprise Security Solutions by
Cyberattacks on healthcare industry have increased by 125%
since 2010.
100 million healthcare records were compromised in 2015.
In 2015, healthcare was the number one target for hackers.
According to Bloomberg Business, criminal acts against healthcare industry have
increased more than two times in the past five years.
DATA BREACHES
ARE COSTING THE
HEALTHCARE
INDUSTRY
$6 BILLION
ANNUALLY.
The loss mainly includes
FINES, PENALTIES, LAWSUITS, and
DATA RECOVERY COSTS.
88% of all ransomware is detected in the healthcare industry.
Sources:
- www.solutionary.com
- Ponemon Institute
- IBM
- PwC
The estimated cost of a major healthcare breach is $200 per-patient
record
2015 has been dubbed as “THE YEAR OF THE
HEALTHCARE HACK”.
4
6. Enterprise Security Solutions by
#1
Sources:
PhishMe
RANSOMWARE
A malicious program that locks
an infected computer or
encrypts data stored in it, and
then demands a ransom to
unlock the system or decrypt
the data.
93%
of phishing
emails contain
ransomware. The Ponemon Institute
Unplanned
downtime caused by
ransomware at
healthcare
organizations may
cost an average of
$7,900 a minute,
per incident.
“
6
7. Enterprise Security Solutions by
#2
INSIDERS
An insider threat could be
a current or a former
employee who is
responsible for a security
breach in an organization.
While most of these
threats are malicious,
some of them are
unintentional.
INSIDER THREATS ARE
RESPONSIBLE FOR
90% OF SECURITY
INCIDENTS.
Sources:
Verizon 2015 Data Breach Investigations Report
Malicious
Unintentional
33%
67%
- Co-worker
- Disgruntled employee
- Unauthorized physician
access
- Lost/stolen device
- Bad security hygiene
- Misuse of systems
7
8. Enterprise Security Solutions by
#3
HEALTH
INFORMATION IS
WORTH 10 TIMES
AS MUCH AS
CREDIT CARDS, ON
THE ONLINE BLACK
MARKET.
Sources:
Verizon 2015 Data Breach Investigations Report
ADVANCED
PERSISTENT
THREATS (APT)
A malicious campaign
where the attacker
breaches a network, stays
there, and keeps
gathering intelligence
about the target. Such
campaigns sometimes
can go undetected for
months or years.
Federal Bureau of Investigation
“
Likelihood of an
APT Attack.
Study conducted by ISACA on respondents
from 17 industries in 2015 (including
Healthcare) | http://www.isaca.org
52%
22%
1%
25%
Likely
Very likelyNot very
likely
Not at all likely
8
9. Enterprise Security Solutions by
#4
Sources:
Bitglasst
MOBILE
DEVICES
Healthcare providers are
increasingly using mobile
devices for services such
as submitting patient
data, submitting bills,
scheduling appointments,
exchanging diagnosis
details, etc. This means,
tons of patient data get
accessed everyday.
LOST/STOLEN MOBILE
DEVICE ARE ONE OF
THE LEADING CAUSES
OF HEALTHCARE DATA
BREACH.
Office for Civil Rights (OCR)
68%
of healthcare security
breaches were due to
lost/stolen mobile devices.
9
10. Enterprise Security Solutions by
EMPLOYEE
While cyberattacks are the leading
cause of data breaches in
healthcare, negligent employees
have a major role to play in several
security incidents that occur.
NEGLIGENCE
Responding to
phishing emails
Using infected USB
drives
Clicking on
malicious ads
#5
TCS Healthcare Technologies
COMMON
EMPLOYEE
MISTAKES THAT
CAUSE DATA
BREACHES
Visiting
infected
websites
91%
of data breaches
start with a
phishing attack.
“ 10
11. Enterprise Security Solutions by
Helps mitigate all such security threats in healthcare with its range of
Dynamic, Scalable, and Future Ready solutions:
SEQRITE Endpoint Security
SEQRITE Unified Threat Management Solution (TERMINATOR)
SEQRITE Mobile Device Management
SEQRITE Data Loss Prevention
11
12. Enterprise Security Solutions by
Endpoint Security FEATURES
PATCH MANAGEMENT
Enables IT administrators to check and
install missing security patches for Microsoft
applications installed on enterprise endpoints
from a centrally managed console.
WEB SECURITY
Automatically blocks websites infected with
malware or designed for phishing attacks.
APPLICATION CONTROL
Categories of applications can be authorized or
unauthorized from being executed within the
network.
DATA BACKUP AND RESTORE TOOL
Automatically and periodically (multiple times a
day), takes a backup of all important and well-
known file formats like PDF and Microsoft Office
files that are present on a computer.
RISKS MITIGATED
RANSOMWARE ATTACKS
INSIDER THREATS
CORE PROTECTION (IDS/IPS & FIREWALL)
IDS/IPS blocks threats that exploit software
vulnerabilities and Firewall thwarts malicious
attempts to access the corporate network.
BEHAVIOR DETECTION
Detects and blocks unknown viruses and
malware in real-time.
INFECTED WEBSITES
PHISHING ATTACKSINFECTED EXTERNAL DEVICES
SECURITY VULNERABILITIES
12
13. Enterprise Security Solutions by
Data Loss Prevention
ADVANCED DEVICE CONTROL
- Configure access policies for more than 25 device types.
- Blocks unverified devices.
- Prevents autorun infections.
ENHANCED PRIVACY PROTECTION & COMPLIANCE
- Identifies Office documents based on their origin.
- Prevents data leakage propagated by worms, Trojans,
and other malware threats.
- Issues regular notifications to reinforce user behavior on
data security.
LOWER COMPLEXITY & COST OF DEPLOYMENT
- Easy integration with existing Seqrite EPS.
- Defines DLP security polices and reports across multiple
endpoints in scattered locations.
- Centralized management and monitoring of crucial business
data.
CONTENT AWARE PROTECTION
- Monitors all actions on confidential files.
- Instantly notifies admins about unauthorized data leakage.
- Ensures that no confidential data leaves the organization.
- Targeted Attacks
- Human Error
- Bluetooth
- USB Drives
- Web Email
- Cloud Storage
DATA LEAKAGE caused by:
RISKS MITIGATED
FEATURES
13
14. Enterprise Security Solutions by
TERMINATOR
GATEWAY ANTIVIRUS
Scans all incoming and outgoing network traffic
at the gateway level. Augments existing virus
solutions by reducing the window of vulnerability
(WoV).
FIREWALL
Admins can permit or block access for traffic
between internal and external networks based
on enterprise compliance policies.
VIRTUAL PRIVATE NETWORK
Provides IT administrators with a means for
secure communications between the company's
remote users and for building site-to-site
connections.
IDS / IPS
Scrutinizes network traffic in real-time and
prevents a broad range of DoS and DDoS
attacks before they penetrate the network.
DoS & DDoS ATTACKS
INTERNET DOWNTIME
GATEWAY MAIL PROTECTION
Scans incoming/outgoing emails or attachments at
the gateway level to block spam and phishing
emails before they enter the network.
CONTENT FILTERING
Allows blocking of non-business related websites
including streaming media sites, downloads, instant
messaging, etc., in order to reduce unnecessary
load on enterprise bandwidth.
MALICIOUS INTERNET TRAFFIC
MALICIOUS EMAILSMAN-in-the-MIDDLE ATTACKS
ADVANCED PERSISTENT THREATS
FEATURES
RISKS MITIGATED
14
15. Enterprise Security Solutions by
MDM
APPLICATION CONTROL
Apps can be remotely managed/ installed/
blocked in order to maintain policy compliance
and productivity within the network.
VIRTUAL FENCING
Preset virtual boundaries that restrict device
usage and functionality. These boundaries can
be triggered by geolocation-based, time-based
or Wi-Fi network-based data.
UNIFIED MANAGEMENT CONSOLE
Manage and synchronize all connected devices
through a centralized graphical interface.
NETWORK DATA MONITORING
Admins can view details of Internet data used
over mobile networks or Wi-Fi. They can also
monitor all incoming and outgoing calls and
SMSs on enterprise mobile devices.
DATA THEFT FROM LOST/
STOLEN MOBILE PHONES
ANTI-THEFT
Prevents misuse of lost/stolen mobile phones by
remotely tracking and locking them. Also prevents
data breach by remotely erasing the phone’s data.
INTERNET THREATS
JAILBREAKING/ ROOTING
OF MOBILE DEVICES
MALICIOUS MOBILE APPS
SECURITY MANAGEMENT
Features such as browsing protection, web
filtering, anti-theft, and geolocation tracking
ensure the safety of enterprise devices.
MOBILE MALWARE
BAD SECURITY HYGIENE
FEATURES
RISKS MITIGATED
15