The healthcare industry faces challenges in keeping up with the rapidly evolving healthcare cybersecurity landscape. This is due in part to CISOs failing to take use of dark web intelligence, which leaves the industry with a weaker cyber posture than other sectors. Only 57% of healthcare CISOs have included dark web intelligence in their plans, according to a Searchlight Cyber Report.
Researchers highlighted that the dark web acts as a hub for cybercriminal activity, with marketplaces for buying and selling malware, exploits, and stolen data. It also provides a forum for threat actors to share skills and discuss strategies. Furthermore, criminals use the dark web to host ransomware leak sites, threatening to reveal stolen data unless a ransom is paid.
Collecting threat intelligence, pre-attack intelligence, and data from the dark web can help many organisations enhance their cybersecurity posture. This method, known as the "pre-attack phase," allows businesses to detect and mitigate cybersecurity risks before they enter their network.
A poll titled "Proactive Defence: How Enterprises Are Using Dark Web Intelligence," performed between November 18, 2022, and January 16, 2023, gathered responses from 1,008 CISOs representing large enterprises with revenue in excess of $200 million and more than 2,000 employees.
While the financial sector leads in the adoption of dark web intelligence, with 85 percent of organisations acquiring it, the healthcare industry lags behind. According to survey results, healthcare CISOs are 20 percentage points behind other industries in gathering data from the dark web, which is harming their cybersecurity posture. Most CISOs in the United States are confident in their ability to comprehend their adversaries' profiles.
Specifically, 85 percent of US CISOs expressed confidence, while 80 percent of US firms reported acquiring threat intelligence. While researchers see this high level of dark web data awareness and uptake as promising, significant sector differences persist. The healthcare sector has demonstrated a lack of confidence in knowing the profiles of potential adversaries.
Researchers identified that, compared to the industry average of 77 percent, just 60 percent of healthcare CISOs feel confident in understanding their adversaries’ characteristics. A lack of awareness of data intelligence can limit their ability to detect and neutralise legitimate threats before they enter the network.
In contrast, industries such as manufacturing, financial services, and professional services report higher security postures. Because of increased use of threat intelligence and dark web monitoring, these industries are more confident in recognising and responding to possible threats.
Every week, millions of dollars in ransoms and protected health information (PHI) are stolen from secure systems and made available on the dark web. This regrettable pattern reveals the tragic fate of many exfiltrated patient data records, emphasising the critical need for the healthcare industry to address its security vulnerabilities and knowledge gaps.
