For years, the word ‘cloud’ was synonymous with risk. Now, that’s no longer the case – in fact, “the opposite is true,” said David Houlding, Director of Global Healthcare Security and Compliance Strategy at Microsoft. As the environment becomes increasingly complex, more health systems are going to the cloud and relying heavily upon providers to protect that data.
“You need to know where your data is,” he noted during a recent Keynote, which also featured Josh Howell, Sales Engineering Manager (Healthcare East/Central) at Rubrik. “You need to be able to discover it, identify it, classify it, label it, and protect it throughout the lifecycle.”
Measuring the Impact
The real risk, according to the panelists, is in knowing where PHI exists and being able to take swift and effective action in the event of a breach. Because when it does happen, it’s going to be brutal.
“When you quantify the financial impact of a medium-sized healthcare organization, it can easily run three to five million dollars,” said Howell. And for large systems, it’s a matter of billions, which is on par with the loss of an entire facility in a fire. “It helps us think about what levels of investment we should make.”
Josh Howell
And while it’s the initial attack that makes headlines, the immediate effects account for only about 10 percent of the damage. It’s overwhelming, to say the least.
The good news is that ransomware, although a significant threat, doesn’t have to be a catastrophic event.
“Too many organizations view ransomware as something that’s going to be a month-long outage at the least,” said Howell. “Our primary focus is helping leaders at all levels understand that this is a problem that can be solved – that it’s being solved successfully today, and that organizations can bounce back quickly.”
Critical Partnerships
That’s where Microsoft and Rubrik are looking to make an impact by providing the right tools and support to “pull off a speedy recovery,” said Houlding. Doing so requires continuous monitoring, particularly of endpoints that are vulnerable to malware, and being able to respond, contain, and quarantine that endpoint, then quickly remediating.
The partnership combines Rubrik’s expertise in data security backup and ransomware recovery with Microsoft Azure’s cloud infrastructure to integrate security suites and create an integrated, unified view of data. That way, when an incident occurs, security analysts can understand what happened and what needs to be done in order to contain the attack.
Without that alignment, gaps in architecture are created, which can lead to vulnerabilities and outages, said Houlding. If security teams need to monitor multiple dashboards, which increases the risk of missing alerts, while increasing the dwell time for attackers.
David Houlding
“These types of partnerships are critical,” especially as more organizations migrate their infrastructures to the cloud. “We need to ensure we’re minding those gaps and remediating issues. When there's a release of data on one platform, we want to know that it’s been tested on another platform. We want to know there’s change management being coordinated between cloud providers” so that services aren’t affected.
“A holistic view”
And although health systems may use multiple cloud providers, they still have the same requirements, whether it’s data classification policies or retention limits. With Microsoft and Rubrik’s partnership, security teams can “tag those workflows and we’ll apply what you need to know or how to translate that goal to those various clouds, whether that’s AWS, Azure, or others,” said Howell. The idea is to “bring all of that together so that a business owner or CIO can have a view of users that are accessing sensitive data.” For example, folders being stored on SharePoint. “The ability to abstract away that complexity and give you a holistic view across all those environments is something that our customers appreciate.”
“When, not if”
That view includes recommendations and guidance on how to manage incidents, which can help upskill individuals, while also accelerating investigations, according to Houlding. “It’s about how quickly can you recover and restore to be resilient, but also, how do you then minimize that impact upfront? Because with ransomware getting better, it’s a matter of if, not when. That’s why this is so important.”
And as the landscape continues to change – and the environment becomes increasingly complex – these types of coalitions will continue to play an important role in securing data, he noted.
“You have all this telemetry coming in; AI can help analytics figure out in real-time, with threat intelligence coming in, what they should do about it, and then accelerating their response containment and remediation,” said Houlding. “I think that's super exciting.”
© Copyright 2024 Health Lyrics All rights reserved
