Written by: Nikita Saha
February 16, 2024
At the recent DHN Forum Bengaluru, Romanus Prabhu, director of Product Support at ManageEngine, a division of Zoho Corp, shed light on the critical aspects of cybersecurity.
In today’s digital era, as everything shifts online, from educational institutions to major tech corporations, the healthcare sector is also at the forefront of embracing this digital transformation. With advancements including AI implementation and Electronic Health Records (EHR), organizations worldwide are swiftly transitioning into the digital landscape.
While digitization facilitates accessibility, such as remote teleconsultations for patients in distant villages, it also brings along an escalating threat: data breaches.
In 2022 alone, India faced a staggering 1.9 million cyberattacks, including attacks on the country’s top institutions such as ICMR and AIIMS Delhi, among others. The escalating rate of cyber threats underscores the urgent need for comprehensive cybersecurity measures.
Here, we delve into Prabhu’s insights and strategies for effectively safeguarding healthcare networks against potential threats.
Prabhu began by highlighting the staggering costs associated with data breaches, citing IBM's report that the average cost of a data breach surged to $11 billion in 2023, a 53% increase from 2020.
Despite advancements in technology, vulnerabilities remain open and exploitable, with 78,000 vulnerabilities still lingering, albeit reduced to less than 10% from 2022.
Prabhu emphasized, "Threat actors can exploit these vulnerabilities, with 26% being exploitable yearly."
Identifying the primary victims of data breaches, Romanus pointed to sectors such as healthcare, financial, pharmaceutical, and energy. He underscored the value of Personally Identifiable Information (PII), Protected Health Information (PHI), and financial records, noting their allure on the dark web.
With a staggering statistic revealing that "3 in 1 Americans are affected due to data breaches," Prabhu noted the pervasive nature of this threat across industries and regions, saying, “This is not a problem specific to one particular vertical or one particular region, it’s everywhere.”
Thereafter, he stressed the importance of adhering to essential fundamentals in managing network security. He cautioned that despite technological advancements, neglecting these fundamentals could pose significant challenges.
Adding to that, Prabhu outlined five basic assets that organizations seek to protect: people, endpoints, applications, infrastructure, and data.
Addressing the complexities of managing endpoints, Prabhu introduced the concept of Zero Trust Network Access. He highlighted the challenges associated with unmanaged endpoints, particularly in sensitive environments such as hospitals. He also advocated for leveraging browser-based solutions to negotiate access to endpoints effectively.
Moving ahead in the discussion, Romanus provided insights into the modus operandi of threat actors, emphasizing the importance of understanding their procedures to formulate effective strategies.
Moreover, he delineated the stages of a threat actor's attack pattern, from reconnaissance to gaining higher privileges and accessing vital records.
Additionally, Romanus underscored the role of tools such as MITRE ATT&CK in providing visibility into threat actor networks.
According to him, there are organizations that identify such attacks and bring visibility to how things happen within the threat actor’s network, so that organizations are able to protect their own networks.
“A: Adversaries, T: Tactics, T: Techniques, CK: Common Knowledge. This is acquired by understanding previous attacks to avoid future attacks,” he added.
Speaking about statistics, Prabhu reiterated that the majority of tools utilized in cyber attacks, specifically 91%, are publicly accessible and free. He went on to highlight that threat actors leverage these tools extensively, employing only a small portion, approximately 9 to 10%, of their own code to safeguard or transmit data to the central command.
He further advised, “See your network through the eyes of the threat actor. You have to connect IoCs, if all your systems are okay, whether there is any threat of threat actors coming or contacting external services.”
Prabhu urged organizations to adopt the NIST Cybersecurity Framework, emphasizing its five core functions: Identify, Protect, Detect, Respond, and Recover.
He stressed the importance of identifying assets, protecting them from known vulnerabilities, and swiftly detecting and responding to unknown threats.
Further, Prabhu outlined a two-dimensional strategy for comprehensive protection, focusing on both known and unknown vulnerabilities. He addressed prioritizing known vulnerabilities through patching and software updates while leveraging tools to detect and respond to unknown threats. Romanus also recommended investing more resources in known vulnerabilities initially, followed by addressing unknown vulnerabilities.
The insightful session concluded with a reminder that in today’s modern world, all organizations must understand that success in cybersecurity isn't solely dependent on possessing the appropriate tools, but rather on devising a strategic approach and utilizing those tools efficiently. As Prabhu aptly stated, “Not just tools, have a strategy.”
With proactive measures and strategic planning, organizations can navigate the complex cybersecurity landscape and safeguard their networks effectively.