Healthcare providers have been under intense pressure over the last year. Besides having to deal with the immediate and longer-term medical consequences of the COVID-19 pandemic, they have also needed to quickly adapt IT and medical technology to maintain safe patient care. If that wasn't enough, cybercriminals and other opportunistic bad actors have used the pressure on medical providers as a cloak to increase cyber-attacks. Never let it be said that cybercriminals can't find a new low.
Most organizations providing healthcare services are not focused or equipped to deal with the ever-changing threat landscape that cyber attackers look to exploit. Even the largest providers, which have the resources to staff and maintain in-house cyber security teams, struggle to find and retain competent cyber security professionals. There is a dearth of available talent in the marketplace, and acquisition costs can be high.
But healthcare providers need to treat cyber security as a tier-one part of their day-to-day operations. The threat is real, and the loss of sensitive medical data due to a successful cyber-attack and breach can be catastrophic. Both from a reputational perspective for the organization and the patients whose medical data is now in bad actors' hands.
What Can Healthcare Providers do to Protect Their Systems?
There are steps that every healthcare provider can take to maximize their security posture. CI Security has partnered with the American Hospital Association on a white paper covering five areas that should be considered. The authors of the white paper are national leaders in cyber security. They are:
John Riggi - Senior Advisor for Cyber Security and Risk at the American Hospital Association
John is a highly decorated veteran of the FBI who spent almost three decades working to protect America from multiple threats and adversaries. He led the FBI Cyber Division national program to develop mission-critical partnerships with healthcare, and other critical infrastructure sectors, to ensure that these vital assets had protection from attack.
Drex DeFord - Founder, Drexio, LLC & 3xDrex.com; Former CIO at Steward Healthcare, Seattle Children's, Scripps Health, USAF Health
Drex has over three decades working in various senior leadership roles within the health information technology sector. He is one of the Critical Insight Security Program creators for CI Security, where he holds the title of Healthcare Executive Strategist.
What does the White Paper Cover?
The white paper gives a broad outline of the cyber security threat landscape that faces healthcare providers in the USA, and indeed globally. It then dives into five topics that are especially relevant to most providers today. The titles of the five topics discussed in detail are:
- The Healthcare Cyber Security “People” Problem
- The “Too Many Tools” Problem
- The Everything-is-Connected-to-Everything-Else Problem
- The Culture of Cyber Security
- The Cyber Security in a Hurry Problem
The paper concludes with a summary about how healthcare providers can call on industry expertise to address the cyber security threats they face without assembling an in-house expert cyber security team.
Where can I get the White Paper?
The white paper is currently available exclusively from the American Hospital Association website. Download a copy here.