By Jamie Fiedrich, Ben Masino, and Eldon Sheckles

When it comes to cybersecurity, there’s no single playbook to follow. But looking to experts and analysts who spend their days laser focused on the latest threats and trends can offer valuable direction.

Gartner has identified its six top cybersecurity trends for the year, and they’re ones that healthcare leaders should consider. Of the six, here are the ones those of us at Avertium find most instructive and beneficial:

Trend: “Continuous threat exposure management programs gain momentum”
Gartner’s prediction on this front is a stunning one: By 2026, it expects organizations that prioritize their security investments based on a Continuous Threat Exposure Management (CTEM) program “will realize a two-thirds reduction in breaches.”

CTEM is an approach to managing vulnerabilities and exposures that enables security professionals to defend their organizations at the necessary pace of change. In particular, it represents a huge opportunity in the healthcare space, where breaches have a significant monetary impact and can also be life-threatening, and where CTEM programs are not yet widely utilized.

As Gartner explains, “The objective of CTEM is to get a consistent, actionable security posture remediation and improvement plan that business executives can understand and architecture teams can act upon."

Think of CTEM as the flip side of a traditional threat detection and notification program and less reactive than SIEM and endpoint security solutions. Behaving in a purely reactive manner tends to be an expensive security posture: a threat actor has made it to the end of the kill chain, and fixing the problem requires throwing humans, not technology, at it.

Healthcare’s constant addition of new payer, provider, and bio-tech devices, technologies, and regulations creates plenty of potential footholds around the perimeter through which a threat actor can take advantage. With CTEM, the intention is to limit or prevent that exposure in the first place by discovering and identifying those assets that might be exposed and then pointing your time and efforts at mitigating them.

Gartner provides a framework for doing so, but key fundamentals include continuous external scanning: penetration tests, vulnerability scans, and third-party supply chain scans on repeat. Once organizations understand their exposures, they can then prioritize and remediate those exposures, thus limiting their attack surface. The key is consistent and continuous testing and scanning, as point-in-time assessments are only as valuable as the nature of the environment at that time. Once new code or systems are brought into production environments, the attack surface shifts and must be assessed and remediated again.

Health IT Homepage