Governance & Risk Management
,
Operational Technology (OT)
Healthcare organizations are increasingly grappling with a cybersecurity crisis that poses severe threats to operational resilience, financial stability, and patient safety. This crisis has transitioned from a theoretical concern to a pressing reality, revealing vulnerabilities within the sector. While the general landscape of cybersecurity risk is widely discussed, one significant aspect remains insufficiently addressed: the susceptibility of Operational Technologies (OT).
In hospitals, OT devices represent a critical vulnerability, akin to what is observed in industrial control systems. These devices are integral to the functioning of healthcare delivery organizations (HDOs), overseeing environments that are essential for patient survival and operational continuity. A breach involving non-medical, infrastructure-focused systems can circumvent conventional IT defenses, leading to immediate and potentially devastating physical disruptions that jeopardize patient safety.
This upcoming session delves into the realities of cyberattacks targeting OT in HDOs, exploring the challenges these organizations encounter when securing their OT frameworks. Participants will gain insights into the tangible impacts of such attacks, issues surrounding existing security gaps, and practical steps to mitigate OT risk in healthcare settings.
The session’s objectives include elucidating the real-world consequences of OT attacks within healthcare environments, identifying the challenges faced by HDOs in their efforts to enhance cyber resilience, and outlining actionable strategies that can be initiated immediately to fortify defenses against OT vulnerabilities.
To fully comprehend the tactics likely employed in these cyber incidents, one can reference the MITRE ATT&CK framework. The tactics of initial access, persistence, and privilege escalation may play vital roles in understanding how these attacks unfold, shedding light on the methodologies adversaries may utilize to exploit weaknesses in OT systems. This framework serves as a valuable resource for business owners aimed at bolstering their cybersecurity postures.
