Cloud Migration Challenges For Healthcare Organisations

The COVID-19 pandemic has forced healthcare organisations (HCOs) to accelerate their digital transformation and cloud adoption by almost 90%, with remote working and cost savings viewed as the main reasons to implement a cloud infrastructure. This was a result of a global survey from Trend Micro, which surveyed more than 2,500 IT decision makers across several industries, including healthcare. 

With digital transformation comes a higher level of cyber threat.  The survey showed that the sector may have over-estimated its ability to protect its cloud environment as 43% of HCOs revealed that a skills gaps was a barrier to migration and only 40% are confident they secure their part of the Shared Responsibility Model.

Trend Micro commissioned Sapio Research to carry out the survey and the results show that 88% of HCOs have accelerated their cloud adoption because of the pandemic. Remote working, cost savings and improved IT agility were three main reasons for the switch to cloud-based infrastructure. 

Rapid shifts to the cloud may leave organisations at higher risk of cyber threats and the survey has identified four challenges HCOs reportedly faced when moving to cloud-based environments:      

  • Skills shortages: 43% revealed that skills gaps are a persistent barrier to migrating to cloud security solutions.
  • Day-to-day operations: Setting and maintaining policies (34%), patching and vulnerability management (32%), and misconfigurations (32%) were challenges of protecting cloud workloads.
  • Increased costs: 43% have spent more on capital expenses and paying for contracted out services, while 39% have spent more on operational and training costs since migrating.
  • Security responsibility: Just 40% are confident they secure their part of the Shared Responsibility Model.

While cloud migration isn’t simple, it can be enabled and improved using the right security tools. “Security is another aspect of building well, not a separate function. And security controls help teams build better in the cloud ....Security can be an accelerator for building in the cloud. Using the right tools and understanding the platforms you’re using is key to making that happen.” said Mark Nunnikhoven, VP of cloud research at Trend Micro. 

The healthcare sector has been on the frontline in the struggle against COVID-19 and digital transformation can make a positive impact on productivity and patient care during this time of critical need.  However, it is essential that the broader attack surface of an expanded digital infrastructure is given due consideration.

With the right cloud-ready solutions in place, HCOs can maximise cloud benefits without putting mission-critical systems or patient data at risk. Such tools can also minimise skills challenges by spotting misconfigurations, automating patching and policy management, and integrating security into DevOps, across both cloud and on-premise environments.

Trend Micro:      Bloomberg:     Cision:     Image: Unsplash

You Might Also Read:

The Five Best Ways To Secure Your Cloud Environment:

 

« More Critical Problems With SolarWinds
Everything You Need To Know About Hashing Algorithms »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

GlobalSign

GlobalSign

GlobalSign is an identity services company providing cloud-based, PKI solutions for enterprises needing to conduct safe commerce, communications, content delivery and community interactions.

CUIng.org

CUIng.org

The CUIng initiative was launched to tackle the problem of criminal exploitation of information hiding techniques.

SlashNext

SlashNext

The SlashNext Internet Access Protection System (IAPS) provides Zero-Day protection against all internet access threats including Social Engineering & Phishing, Malware, Exploits and Callback Attacks.

Vuntie

Vuntie

Vuntie blend European craftsmanship, performance and open-source technology to deliver cybersecurity services including penetration testing, incident response, training and consultancy.

Hysolate

Hysolate

Hysolate has transformed the endpoint, making it the secure and productive environment it was meant to be.

Critical Insight

Critical Insight

Critical Insight provide Managed Detection and Response, Vulnerability Detection, and Consulting Services to help you secure your mission-critical systems.

Cysiv

Cysiv

Cysiv SOC-as-a-Service combines all the elements of an advanced, proactive, threat hunting SOC, with a managed security stack for hybrid cloud, network, and endpoint security.

BigPanda

BigPanda

BigPanda is the first provider of Autonomous Operations solutions that empower IT Operations at large, complex enterprises.

ToucanX

ToucanX

ToucanX has eliminated remote attack vectors without sacrificing productivity. We’ve brought embedded near real time virtualization to the enterprise endpoint.

cleverDome

cleverDome

cleverDome has created the first community built and proven model that redefines the standards for protecting the most confidential data and information of consumers in the cloud.

Cyrebro

Cyrebro

CYREBRO is your online cybersecurity central command managed SOC that integrates all your security events with strategic monitoring, proactive threat intelligence, and rapid incident response.

CWSI

CWSI

CWSI provide a full suite of enterprise mobility, security and productivity solutions to many of Ireland and the UK’s most respected organisations across a wide range of industry and public sectors.

Responsive Technology Partners

Responsive Technology Partners

Responsive Technology Partners provides superior IT support services including cybersecurity and compliance, telephony, cloud services, cabling, access control, and camera systems.

Probity

Probity

Probity Inc. is a certified software development and systems engineering company, providing support to federal government and national defense related clients.

Datapac

Datapac

Datapac is one of Ireland’s largest and most successful ICT solutions and services providers. We have been at the forefront of technology innovation in Ireland for the past three decades.

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs are a group of IT security specialists, ethical hackers, and researchers driven to identify security flaws before cyber threat actors does.