Does the healthcare industry have a cyber security problem? In 2016, many healthcare organizations were impacted by ransomware, causing IT professionals to scramble to implement solutions.
Since healthcare organizations in the USare governed by HIPAA and HITECH, it is imperative that healthcare organizations become 100% compliant in order to keep the patient’s data safe and secure.
These regulatory frameworks provide guidelines for how data is stored and accessed. If a violation occurs, a healthcare organization can be subject to regulatory actions and financial penalties.
Consequently, cyber security has become a full time job within the healthcare industry. Many healthcare organizations are seeking Chief Information Security Officers (CISOs) as a way to emphasize data security at the executive levels. This top down approach ensures that all healthcare IT related projects are built with security in mind.
Is There a Shortage of Healthcare Information Security Officers?
According to Healthcare Finance, healthcare organizations are currently facing a “Widespread shortage of cyber security staff.” The article goes on to say that healthcare providers are highly vulnerable to cyber attacks.
An article at Healthcare Informatics says that healthcare organizations represented 40% of all ransomware attacks across all industries.
Technical recruiters mention that over 1M cyber security jobs industry wide are currently vacant. Some experts say that this number could rise to 1.5M in the coming years with much of these jobs being focused in healthcare information security sector.
By all standards, healthcare organizations seem undertrained and understaffed in terms of having the resources in place that will help mitigate a cyber attack.
Defeating a Cyber Attack – A Life or Death Situation
For decades, many experts thought that hackers would not target healthcare organizations.
There was this invisible line that hackers weren’t supposed to cross. With the recent outbreak of ransomware viruses that have impacted healthcare organizations, it’s clear that this invisible line no longer exists.
To compound the problem, it is estimated that in some environments, over 75% of the people who use the network have no need to access protected information. Nevertheless, these users remain the most vulnerable, because their machines and account privlages remain an attack vector for hackers.
Is healthcare cyber security a life or death situation? Of course it is! Could you imagine being a doctor that needs access to data, but the data is unavailable due to a cyber attack? How could the physician properly do their job?
Healthcare firms cannot slack on cyber security. Both morally and financially, having adequate cyber security is an absolute must. Luckily, healthcare organizations seem to be hiring cyber security professionals at a record pace.
2017: What Cyber Attacks Could Impact Healthcare Organizations?
In 2016, healthcare organizations were crippled while dealing with an outbreak of ransomware infections. In 2017, Experian predicts that healthcare organizations will continue to be the most targeted sector.
In fact, Experian goes on to predict that sophisticated attacks are emerging that specifically tailored to healthcare industry. These attacks will primarily be ransomware based, since hackers will be able to gain a monetary incentive for every successful infection.
While antivirus products such as Trend, Kaspersky and others have developed methods of detecting ransomware, the next generation of ransomware is expected to evade these detection techniques.
Government organizations have required that healthcare organizations report ransomware infections to consumers much like they would a data breach. This factor alone will raise the profile of ransomware, which will make healthcare information security one of the hottest IT topics of 2017.