Cloud Migration Challenges For Healthcare Organisations

The COVID-19 pandemic has forced healthcare organisations (HCOs) to accelerate their digital transformation and cloud adoption by almost 90%, with remote working and cost savings viewed as the main reasons to implement a cloud infrastructure. This was a result of a global survey from Trend Micro, which surveyed more than 2,500 IT decision makers across several industries, including healthcare. 

With digital transformation comes a higher level of cyber threat.  The survey showed that the sector may have over-estimated its ability to protect its cloud environment as 43% of HCOs revealed that a skills gaps was a barrier to migration and only 40% are confident they secure their part of the Shared Responsibility Model.

Trend Micro commissioned Sapio Research to carry out the survey and the results show that 88% of HCOs have accelerated their cloud adoption because of the pandemic. Remote working, cost savings and improved IT agility were three main reasons for the switch to cloud-based infrastructure. 

Rapid shifts to the cloud may leave organisations at higher risk of cyber threats and the survey has identified four challenges HCOs reportedly faced when moving to cloud-based environments:      

  • Skills shortages: 43% revealed that skills gaps are a persistent barrier to migrating to cloud security solutions.
  • Day-to-day operations: Setting and maintaining policies (34%), patching and vulnerability management (32%), and misconfigurations (32%) were challenges of protecting cloud workloads.
  • Increased costs: 43% have spent more on capital expenses and paying for contracted out services, while 39% have spent more on operational and training costs since migrating.
  • Security responsibility: Just 40% are confident they secure their part of the Shared Responsibility Model.

While cloud migration isn’t simple, it can be enabled and improved using the right security tools. “Security is another aspect of building well, not a separate function. And security controls help teams build better in the cloud ....Security can be an accelerator for building in the cloud. Using the right tools and understanding the platforms you’re using is key to making that happen.” said Mark Nunnikhoven, VP of cloud research at Trend Micro. 

The healthcare sector has been on the frontline in the struggle against COVID-19 and digital transformation can make a positive impact on productivity and patient care during this time of critical need.  However, it is essential that the broader attack surface of an expanded digital infrastructure is given due consideration.

With the right cloud-ready solutions in place, HCOs can maximise cloud benefits without putting mission-critical systems or patient data at risk. Such tools can also minimise skills challenges by spotting misconfigurations, automating patching and policy management, and integrating security into DevOps, across both cloud and on-premise environments.

Trend Micro:      Bloomberg:     Cision:     Image: Unsplash

You Might Also Read:

The Five Best Ways To Secure Your Cloud Environment:

 

« More Critical Problems With SolarWinds
Everything You Need To Know About Hashing Algorithms »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Council of European Professional Informatics Societies (CEPIS)

Council of European Professional Informatics Societies (CEPIS)

CEPIS is the representative body of national informatics associations throughout Europe and represent over 450,000 ICT and informatics professionals in 32 countries.

BruCERT

BruCERT

BruCERT is the referral agency for dealing with computer-related and internet-related security incidents in Brunei Darussalam.

Alarum Technologies

Alarum Technologies

Alarum Technologies (formerly Safe-T) is a global provider of cyber security and privacy solutions to consumers and enterprises.

Wilson Sonsini Goodrich & Rosati (WSGR)

Wilson Sonsini Goodrich & Rosati (WSGR)

WSGR is the premier provider of legal services to technology, life sciences, and growth enterprises worldwide. Practice areas include cybersecurity and data protection.

DXC Technology

DXC Technology

DXC Technology helps global companies run their mission critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability.

CyberPoint

CyberPoint

CyberPoint delivers innovative, leading-edge cyber security products, solutions, and services to customers worldwide.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

XTN Cognitive Security

XTN Cognitive Security

XTN is focused on the development of security, Fraud and Mobile Threat Prevention advanced behaviour-based solutions.

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

The mission of the PNP Anti-Cybercrime Group is to implement and enforce pertinent laws on cybercrime and other cyber related crimes and pursue an effective anti-cybercrime campaign.

SkillCube

SkillCube

SkillCube is one of the pioneers in India focusing on Cyber Security Skill Development Solutions.

CertiK

CertiK

CertiK uses rigorous Formal Verification technology to provide hacker-resistant smart contract and blockchain audits, thorough penetration testing, and customized security integrations.

Area 1 Security

Area 1 Security

Area 1 is the only Pay-per-Phish solution in cyber security. And the only technology that blocks phishing attacks before they damage your business.

Cyber Lockout

Cyber Lockout

Comprehensive ransomware insurance and preventative cybersecurity technology solution, working together to help protect businesses 24/7/365.

Strata Information Group (SIG)

Strata Information Group (SIG)

Strata Information Group (SIG) is a trusted partner in IT solutions and consulting services.

Benchmark IT Services (BITS)

Benchmark IT Services (BITS)

BITS is a leading cyber security company in Australia. Our certified professionals work with you to keep your data assets safe and secure.

Swick Technologies (SWICKtech)

Swick Technologies (SWICKtech)

SWICKtech offer IT managed services to increase IT security, stability, and performance for your organization.