CIO

Key elements of Patching to consider for Healthcare IT CISOs

By Andrew Souter, Area Vice President for Ivanti Pre Sales APAC

Data breaches that affect businesses of all sizes are now more common than ever, and unsurprisingly this includes Australia. As they become almost a regular affair, healthcare sector is no exception. According to the last quarter Notifiable Data Breaches (NDB) Statistics Report from OAIC, between January to March, the health sector reported 27 per cent of the data breaches, being one of the top industries. Of the 58 notifications over the first quarter, 52 percent was caused by human error, 45 percent was because of malicious or criminal attacks and 3 percent was due to system faults.

The recent hack events were primarily ransomware attacks, one of the key security vulnerability that allows attackers to plant a malware into unpatched operating systems and legacy systems with the only objective of extorting affected organisations. Reports show that nearly half of reported ransomware attacks are on healthcare institutions. As the privacy violations and data breaches in healthcare industry involves high risks and costs, it is key for healthcare IT administrators to pay close attention to their IT infrastructure and detect security gaps. Here are some crucial elements of patching to consider as a part of the IT security strategy:

Identify

The first and foremost step in patching process is to understand the applications that are running in the endpoints and identify the ones that require close attention in terms of security. Once identified, it’s important to take a proper, risk based assessment of the patching needs and detect the exact type of security vulnerabilities. This will also help security professionals identify risks accurately and rank vulnerabilities in terms of the threats they possess to businesses.

Prioritise

Prioritising or taking a risk-based approach while working on the IT security strategy is also key. As every organisation is different to one another and risks associated with them, the approach will vary from business to business. Hence, it’s crucial for teams to evaluate vulnerabilities critically as well as the impacted assets. Accordingly, IT teams can schedule the prioritisation of patches in order of urgency- high priority security patches followed by the least priority ones. It’s important that IT professionals use a risk-scoring system to mitigate the highest-risk vulnerabilities first.

Automate your patching

Reports show human error to be one of the main reasons for data breach or any malicious attack. Therefore, it’s recommended to automate the patching process that not only saves time but also makes life easier when coupled with dashboards and reporting, providing proper visibility across the entire cycle ensuring everything is up to date. The automated patching feature enables the team to automate A to Z of the patch management process i.e. from synchronising the vulnerability database, scanning all machines in the network to detect unpatched OS and providing periodic updates on patch deployment status. Moreover, automation helps to test, package, stage, and deploy patches to thousands of systems in minutes, saving both time and money over limited, manual processes.

Comprehensive patching As healthcare IoT continues to evolve, the diversity of tech IT admins are required to manage is increasing at a fast rate. With operating systems ranging from Linux and UNIX to Mac and Windows, mobile, and thousands of third-party apps, the onus is on businesses to manage patches across the current heterogeneous IT environments. Integrating a single stop solution that is well equipped to cover common endpoint territory and also patch third-party apps within the same console will reduce infrastructure and resource costs at the same time. Having administrative capabilities, including customisable and automated patch scheduling based on dynamic filtering and detailed reports on patching status. With the risk of supply chains being attacked and subsequently compromised, CISOs should be auditing systems regularly and establishing remediation steps across all their security infrastructure.