The HIPAA Security Rule has a set list of requirements for covered entities to adhere to, all of which aim to ensure that organizations housing sensitive personal health information (PHI) are able to secure themselves against potential hackers. One of the conditions for being considered HIPAA compliant is to identify and protect against reasonably anticipated threats. 2017 was a year full of international cyber attacks, which heavily affected health care functions worldwide. Consequently, a new tactic that emerged and is currently being adopted by a growing number of healthcare entities is the use of military war-games to test the strength of cyber security barriers. This consists of a simulation of events that are controlled by the players in the game (in this case, hackers VS defenders).
Laura Lee, the fist developer of the "Cyber Protection Team Crew Operations Manual for U.S. Military Forces and National Guards Team", believes that what the healthcare industry lacks is a focus on cybersecurity personnel remaining up-to-date with the latest and future threats. She says that one of the ways this can be overcome is through using wargaming to test an organization's security. Wargaming tests an entity's capabilities using real life malicious actors in scenarios to assess where an organization's vulnerabilities lie. Not only does this tactic allow the entity to study its level of security competence, but it is also an effective way to tackle the issue of inefficient information sharing systems.
Lee mentioned that the struggle of information sharing is widespread because it is tough to anonymize the data that is needed to properly describe incidents. Something that adds to the difficulty of relaying the necessary information is the fact that cybersecurity is commonly a reactive concept and is not easily explained by a sufficient number of security experts.
As a result, one of the most effective ways of efficient cybersecurity knowledge sharing is through the performance of realistic exercises using predictable malicious actors in this industry. Such scenarios allow for the study of healthcare network simulations and the analysis of a system's strengths and weaknesses without accidentally exposing sensitive data. Additionally, war-game exercises proactively predict future threats that may target healthcare.They allow for the spread of best practices and knowledge of potential threats without risking the loss of sensitive data.
One must keep in mind that if this tactic is implemented, it must be done periodically as it is critical to test the performance of wargames with emerging threats and as an entity deploys new tools and techniques. The cybercrime landscape is ever changing and what may work today will most probably fail tomorrow. Even as an attack is occurring, cyber criminals continue to refine their malicious actors and search for ways to overcome security blocks and retaliations.
Wargame performance provides a more hands-on approach to cybersecurity development, something that helps experts understand the core of every type of cyber attack rather than just their capabilities on a superficial level. Being able to participate in a cyber attack simulation allows participants to see a representation of what it does, the way the attack unfolds and how it penetrates systems. Previous attacks can also be re-enacted to locate the vulnerabilities and learn from mistakes.
If wargaming is adopted correctly and used efficiently, it will be a game changer for the healthcare industry and may play a major role in helping to reduce the increasing number of breaches.