CyberArk is a cybersecurity solutions company with offices across the world that delivers targeted security measures to help organisations prevent cyber threats and deal with them when they occur. In this interview with Vincent Goh, Senior Vice President for Asia Pacific and Japan at CyberArk, we look at how healthcare systems, although vulnerable, can be protected from cybersecurity threats.
1. What makes healthcare systems vulnerable to cybersecurity threats?
Healthcare organisations are prime targets for attacks because they possess a plethora of sensitive and potentially valuable information. With much of the data stored in the cloud, healthcare organisations have an array of cloud-connected medical devices. While these devices provide lifesaving care, they also expose the system to cybersecurity threats. Additionally, cloud-enabled devices require extensive capital and operating expenditures due to costly upgrades and eventual obsolescence. IT teams focused on monitoring regular network traffic can miss critical medical device vulnerabilities that could pose a cybersecurity threat and expose patients' data to risks.
2. Why do healthcare systems require cybersecurity protection? Can they outsource this?
As the healthcare sector embraces new-age technologies and moves to the cloud, there is increased pressure to ensure the security of patient data. While the cloud's connectivity and accessibility can help improve the delivery of treatments and diagnostics, enhance patient monitoring systems, and automate and centralise reporting, these also increase cybersecurity risks.
With the upcoming opening of Health Campus in Woodlands, Singapore in 2022, Singapore's adoption of smart technology, such as telehealth, robotics and artificial intelligence, underscores the need to enhance the sector's cybersecurity posture. To maximise the potential of these technologies, cybersecurity will need to be part of the systems’ design from the outset, before they are deployed within the healthcare network.
There is an opportunity for cloud security providers to step up and respond to the needs of the market. Access management tools offer an extra layer of security to help protect data assets from advanced threats in the current landscape. Updating tools and managing access to privileged accounts and credentials can significantly reduce cybercriminals' movements and minimise damage.
Healthcare organisations could use a mix of in-house and outsourced resources to manage cybersecurity. However, they need to be aware of the risks that come with working with external vendors, as information such as personally identifiable information (PII) might be stolen for criminal uses. Larger organisations are more likely to have IT teams to manage security while smaller companies could outsource some of the capabilities to third-party vendors. However, over the past years, malicious hackers have increasingly targeted third-party vendors and supply chain partners, as they often have less sophisticated security policies and controls than the actual target companies and provide an open backdoor for attackers. By targeting remote access points and stealing and exploiting privileged credentials, attackers elevate privileges then move laterally through the network while completely circumventing the targeted company’s defences.
3. Cybersecurity protection can help organisations identify threats and stop viruses but is not able to prevent cybercriminals from being inventive and finding new loopholes. Will better government regulation and processes discourage cybercrime?
Local cybersecurity laws and regulations such as the Cybersecurity Act of 2018 and the Personal Data Protection Act of 2012 are meant to protect consumers and organisations from the damaging impact of cyberattacks. To avoid steep fines and penalties, companies are working with the government by implementing monitoring measures and tools for early detection of cyber threats and intrusions. With government regulations in place, companies are provided with a framework to help shape their cybersecurity strategies. In addition, cooperation among governments is vital in creating a safe, open and inclusive cyberspace within the region. By creating a safer digital ecosystem, markets and industries can work together in addressing issues such as cyber resilience and security. Singapore has partnered with Malaysia to establish a working-level committee to develop a long-term regional action plan, to ensure the effective and practical implementation of cybersecurity best practices. Singapore has also made significant progress in regional cyber capacity building through initiatives such as the ASEAN-Japan Cybersecurity Capacity Building Centre in Bangkok and the ASEAN-Singapore Cybersecurity Centre of Excellence in Singapore.
4. How can we simplify cybersecurity protection measures so that everyone will have the right information to identify cybersecurity attacks?
The rise in the use of digital tools and the COVID-19 pandemic-induced lockdowns have forced organisations to revisit their fraud prevention and cybersecurity infrastructure. As employees access company data outside the company's network, tools such as multi-factor authentication and access management tools have become a vital part of a company's security arsenal.
Employees working remotely need to be provided with the resources and tips to protect their data better. One mistake that organisations make is giving remote workers local admin rights that allow them to download and install programs, connect and install devices and access corporate systems and information without having to go through IT or security teams. Many employees are also guilty of saving passwords in a browser or sharing sensitive files via collaboration tools. These activities can unintentionally put data and systems at risk.
Organisations can secure employees' endpoints by implementing a strong privileged access management strategy. This allows organisations to have a comprehensive view of privilege-related risks through an integrated approach. As mandated by the government, companies in Singapore are required to immediately notify the authorities and impacted individuals of a data breach. Engaging the employees in security efforts will help companies in the fight against cyber threats.
5. How can organisations educate their employees on the importance of cybersecurity measures and that preventing cybercrimes starts from oneself?
Lastly, companies should create a mechanism for employees to report any potential cyber threats. As the cybersecurity landscape has shifted, it is imperative for organisations to manage these risks effectively. According to CSA's Guide to Conducting Cybersecurity Risk Assessment for Critical Information Infrastructure, organisations need to identify events that can go wrong, such as those that are a result of malicious acts by threat actors. These events could lead to undesired business consequences. Employees need to be trained to identify and determine the levels of cybersecurity risks they are exposed to as they work remotely. With an understanding of the risk levels they face and their impact on the organisation, employees are engaged to think about how their actions can align with business objectives.
- CSA, Singapore (December 2019) Guide to Conducting Cybersecurity Risk Assessment for Critical Information Infrastructure. Retrieved from: https://www.csa.gov.sg/-/media/csa/documents/legislation_supplementary_references/guide_to_conducting_cybersecurity_risk_assessment_for_cii.pdf
- ICLG (November 2, 2020) Singapore: Cybersecurity Laws and Regulations 2021. Retrieved from: https://iclg.com/practice-areas/cybersecurity-laws-and-regulations/singapore
- Personal Data Protection Commission, Singapore (n.d.) Guide to Managing Data Breaches 2.0. Retrieved from: https://www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Other-Guides/Guide-to-Managing-Data-Breaches-2-0.pdf
- Singapore Computer Emergency Response Team (2019) Healthcare. Retrieved from: https://www.csa.gov.sg/singcert/publications/healthcare
About the interviewee
Vincent Goh is Senior Vice President of Sales, Asia Pacific & Japan at CyberArk. Goh leads the sales and channels teams, and is responsible for driving CyberArk’s growing customer base and channels across the region.
Prior to joining CyberArk, Goh was Vice President, Asia Pacific & Japan for RSA, The Security Division of EMC for more than five years. In addition to accelerating growth for the various business portfolios within RSA, he chartered the transformation of RSA from an authentication-focused business to an intelligence-driven-security provider in Asia Pacific & Japan.