In a recent discussion, Keith Fricke, a partner and principal consultant at tw-Security, highlighted ongoing vulnerabilities posed by legacy applications and medical devices within healthcare IT environments. Despite their susceptibility to cybersecurity risks, many organizations remain largely unaware of the extent of these outdated systems in their operational framework.
Fricke emphasized the need for healthcare organizations to adopt a proactive stance in managing these devices. He noted that reviewing Manufacturer Disclosure Statements (MDS) can provide vital insights into the security profiles of medical devices and the potential pathways for upgrading to versions with enhanced security measures. Understanding the migration paths is crucial in ensuring systems are not only functional but also fortified against emerging threats.
Segmentation of these legacy products within the network is another critical recommendation from Fricke. By isolating legacy devices on separate network segments, healthcare providers can significantly reduce the risk posed by potential vulnerabilities. Moreover, as new devices enter their environments, establishing robust evaluation practices becomes essential to ensure they meet stringent security criteria.
In an audio interview with Information Security Media Group, accessible via the organization’s platform, Fricke also addressed significant lessons learned from recent high-profile cybersecurity incidents. Particularly, the Change Healthcare ransomware attack, which impacted around 190 million individuals, served as a stark reminder of the need for comprehensive governance and security protocols in the healthcare sector.
Fricke further identified gaps in governance surrounding the use of artificial intelligence in healthcare, emphasizing the critical need for structured frameworks to address associated cybersecurity and privacy challenges. He acknowledged the myriad of issues currently facing the sector, which are compounded by the rapid evolution of technology and increasingly sophisticated cyber threats.
With over 35 years of experience in IT, including 19 years concentrated on healthcare information security, Fricke’s insights reflect a deep understanding of both the tactical and strategic aspects of cybersecurity in this sector. His previous role as Chief Information Security Officer (CISO) at Mercy Health, which operates 24 hospitals across multiple states, underscores his expertise in managing cybersecurity challenges in a complex healthcare landscape.
In the context of these discussions, the applicability of the MITRE ATT&CK framework becomes evident. Tactics such as initial access and privilege escalation may have been employed in recent attacks, indicating a pressing need for healthcare organizations to enhance their defenses and prepare against potential threats. As the landscape continues to evolve, staying informed and proactive is paramount for business owners confronting these cybersecurity risks.
