Cloud-based applications have brought convenience, speed, and a superior user experience, prompting many to use them frequently. Healthcare is one such sector where the penetration of such apps has seen a massive expansion. Also, with most companies in the healthcare sector going for digital transformation of their assets, customer interface, operations, and value chain, cloud adoption has taken a spike.
According to research by Vantage Market, the cloud computing market for healthcare is likely to reach $128.19 billion by 2028. It will grow at a CAGR of 18.74 percent. The massive push toward cloud adoption has come from enterprises that were asking their employees and other stakeholders to do remote work in the aftermath of the pandemic. This has led to an increased reliance on cloud-based apps or platforms.
However, in spite of the advantages offered by such cloud-based apps, they are not immune to cyber threats. For instance, in 2022, around 400 cloud applications delivered malware, according to Netskope, the Secure Access Service Edge Company. Incidentally, this figure is nearly three times the figure for 2021. The report stated that a spike had been observed in the delivery of malware through cloud-based apps in 2022.
This was attributed to more number of apps being abused to deliver malware and the number of malware downloads from popular apps increasing. Microsoft’s OneDrive, the leading cloud storage platform for enterprises, has led the charts as the most affected in 2022. In fact, about 30 percent of malware downloaded from the cloud was from OneDrive.
Alongside malware downloads from cloud-based apps, the year 2022 saw a rising number of scams, phishing, malicious web content, and credit card skimmers, among others. Cybercriminals used compromised sites, fake websites, or sites created using free hosting services, to disguise malicious web content. This became difficult to track and filter using URL categorization. The increase in malicious web content and malware delivery from cloud-based apps has necessitated the critical role of inspecting all content across the internet.
How Do Businesses Protect Themselves From Cyber Threats?
It is important for businesses to acknowledge the rising threat scenario, and implement cybersecurity measures to counter cyber attacks. They need to enforce a granular policy to control the flow of data, use behavioral analytics to identify compromised devices and accounts, and deploy measures to protect cloud-based data. They should inspect the traffic for all http and https websites to detect any evidence of malicious activity. In fact, for the healthcare sector, security must remain the top priority when it comes to adopting cloud-based applications.
According to the Health Sector Cybersecurity Coordination Center (HC3), healthcare organizations should address cybersecurity issues, such as cloud hijacking and IT misconfiguration. It further added, “Threats facing the cloud can vary, but the biggest concerns exist with internal threats such as human error, external threats from malicious actors, and the infrastructure itself.”
As per the security audit by one of the reputable providers of cybersecurity services, Cybernetic Global Intelligence, vulnerabilities, such as poor configuration setups, email forwarding, harvesting user credentials on the cloud, and spearphishing, are key concerns that should be addressed sooner rather than later. It is important for organizations to manage their processes to validate apps, upload data into the cloud, and conduct data transfers, among others. The series of steps they can undertake are:
>Meeting all compliance requirements, such as HIPAA, ISO 27001, PCI DSS, SSAE 18, and others.
>Performing red team testing to assess web applications, detect vulnerabilities, and fix them.
>Providing cybersecurity training to the staff as they are in the vanguard of thwarting cybersecurity threats.
>Performing a risk assessment exercise to detect external and internal threats.
>Maintaining daily log reports to ensure that the organization has not been attacked.
>Performing vulnerability assessment and penetration testing on the organization’s IT network to identify bugs or vulnerabilities.
Conclusion
Malware threats from cloud-based apps and platforms need to be tackled on a war footing in view of the increasing reliance of business enterprises on remote work. There is no escaping the threat, for sooner or later, it can engulf any organization with a vulnerable IT network. It is high time businesses understood the gravity of the challenge and implemented potent measures. In doing so, they can either set up and augment their in-house resources (a costly proposition) or hire the services of premier cybersecurity companies, such as Cybernetic Global Intelligence. For details, call 1300 292 376, send an email to contact@cybernetic-gi.com.