The stats on healthcare security are sobering. The Identity Threat Resource Center (ITRC) reports 30% of all U.S. data breaches are aimed at healthcare targets. McAfee Labs pegs the number at 26%, making it the most impacted North American sector in the second quarter of 2017.\nAnother study \u2014 the Protenus Breach Barometer Mid Year Review \u2014 found that between January and June, more than 3.15 million patient records were breached during a total of 233 breach incidents. The worst part is that on average, it took 325.6 days to discover a breach, according to the review.\nIt\u2019s a problem that doesn\u2019t seem to be letting up, according to Protenus cofounder and president Robert Lord, who said, \u201cHealthcare has invested tens of billions of dollars in deploying systems to leverage data to improve patient outcomes \u2014 and appropriately so. \u2026 But we still have massive problems with the abuse of that data and those systems.\u201d According to the firm, the biggest problem is insiders, but cyber attacks on the sector continue to increase. Hackers are a huge issue, with 1,684,904 patient records impacted this year alone.\nSome of the largest attacks this year have come from ransomware. These attacks \u2014 which hit a network, encrypting resources and files until someone pays up \u2014 have various entry points into the network. One recent report by Crowd Resource Partners found that of those hit by malware, infections had three sources. Nearly three-quarters (73%) of respondents said ransomware took hold after users opened malicious email attachments. More than half (54%) cited ransomware infection happened when users responded to phishing emails. About one-quarter (28%) were infected when users visited compromised websites.\nWhile there was no disclosure about how much hackers were looking for, a number recently published by CSO puts the ransomware problem into perspective. \u201cRansomware cybercriminals took in about $1 billion [in 2016], based on money coming into ransomware-related Bitcoin wallets.\u201d\nWith the use of electronic healthcare records at an all-time high, and the number of connected devices in hospitals on the rise, the risk can only get worse, according to ECRI Institute research. \u201cThese connected devices could serve as entry points into a hospital\u2019s network, placing hospital operations, medical information, patient identity and patient financial information at risk,\u201d writes Anthony J. Montagnolo, M.S., executive vice-president and chief operating officer at ECRI Institute. There are approximately 15 to 17 devices per bed, and about one out of four of those devices are networked.\nMaking the Right Choices\nWhile experts agree there is no way to completely stanch the flow of ransomware or phishing that comes into IT infrastructure, a highly secure network with the right hardware, software, and policies in place can mitigate risk and stop hackers in their tracks, even if users are duped into launching an attack.\nAs an added benefit, a well-designed and maintained network infrastructure \u2014which includes a traditional network as well as Wi-Fi connectivity \u2014 helps improve access to clinical and patient-facing applications, which speeds care; this is an important element in medicine, where seconds truly count. Combined, these elements may be why 81% of U.S. healthcare executives and 76% of global executives surveyed, respectively, said they would increase security spending this year. Network security \u2014 cited by 69% of respondents \u2014 still is the top U.S. IT healthcare expense.\n\u201cCybersecurity continues to be top of mind for IT managers, and networking is right smack in the middle, since the network is like the nervous system that connects all the elements of IT infrastructure,\u201d writes Dan Conde, an analyst at Enterprise Strategy Group. Networks and network security are in flux. Network infrastructures are becoming more software-defined while at the same time, many organizations are tapping a cloud-based model to augment what they\u2019re doing on premises. ESG\u2019s Conde explains why these strategies are gaining traction. \u201cAs fast LTE and 5G speeds offer viable alternatives in bandwidth and latency, and as fixed-line providers deliver more flexibility in network function virtualization, the line between traditional IT networking and service providers starts to blur.\u201d\nThis new network paradigm means IT executives can tap both on-premises and cloud-based web security services that provide near-real-time protection against viruses, malware, and hackers. It also means the once-standard firewall and secure web gateways aren\u2019t enough to handle an organization\u2019s security needs. Firewalls still are required, but there are other technologies that must be present as well.\nSoftware-defined security is one such technology, writes Rohit Bhisey of TMR Research. \u201cAs software-defined security is a computer embedded network security architecture that syndicates network security and defensive protection, it is increasingly in demand. This architecture leverages both internal and external sources and is designed to be scalable, secure, and modular.\u201d\n\u201cSoftware-defined security helps in automating and placement of network security controls in organizations by making use of software rather than conventional security controls. By implementing specific policies as distinct and tailored as per particular business needs, this SDSec is helping enterprises secure their network,\u201d Bhisey states.\nNetwork monitoring, which lets IT view traffic at the packet level, search for traffic anomalies, and set use policies down to the application and user level, is a significant benefit, too.\nWhatever technology you implement, consider this: At the end of the day, it\u2019s up to healthcare IT executives to do whatever it takes to highly secure the network and the associated data and information. While today it may be impossible to hack a person\u2019s implanted device or shut down a hospital\u2019s MRI machines, the potential is there. A highly secure network is the first \u2014 and best \u2014 way to prevent such calamities.