Daily new cybersecurity threats are emerging in Healthcare, but there are also encouraging mitigation trends to deal with these threats. Here are five Cybersecurity trends emerging in 2018.
1. Ransomware attacks via connected devices will be more severe
Today, hackers target medical and IoT devices that provide, transmit, and access confidential data because they can exploit the fact that most manufacturers did not consider cybersecurity when designing those devices.
All of this increases vulnerability to ransomware. Many healthcare providers are forced into paying to get their data back. The attacks are coming from all types of endpoints, including some that providers can’t control or monitor. In the near future, healthcare providers may be asked to “pay to get a life back” because ransomware can attack life-supporting medical devices. What were once ‘zeros and ones’ can now threaten life or death, presenting a huge temptation to malicious attackers.
2. More cybersecurity education in Healthcare will help minimize inside threats
Attackers are getting more sophisticated, organized and less obvious as they attempt to snare staff and administrators with rapidly changing tools. Therefore, security training and guidance is critical to minimize staff exposure to phishing attacks and malware intrusion, as is reasserting policy and penalties for staff with bad intentions.
Training employees once a year isn’t enough; sometimes once a month isn’t even enough. You can’t assume you show them once, and they will remember for the rest of their lives. Start with academic courses and test your employees’ knowledge of the ABCs of technology. Then go further.
3. Healthcare cybersecurity investments will increase
Cybersecurity in healthcare is much more than just “protect the data, and you’re safe.” Multitudes of vendors are popping up in the cybersecurity space, and everyone claims they have the product that solves everything. The truth is, there is no silver bullet; it’s only through a system of people, process, and technology that can secure your organization, and get the highest ROI on this investment.
Finding the right security staff also poses many challenges to a healthcare organization. Security is a competitive field and attracting the right talent with limited resources has proven to be difficult. I have found that expanding your applicant pool to people with more diverse backgrounds is effective; understanding the technology is one of the easiest parts of being a security analyst.
4. AI will be needed for all the data and patients that require protection
In today’s world, the tools we use and the ways we care for our patients have multiplied and are generating enormous amount of data at an alarming rate. What concerns me is where this data is going and who has access to it. While we all do our best to assure the integrity and confidentiality of sensitive data, the methods we use leave us with a staggering number of false positives and logs to manage.
The early applications of artificial and augmented intelligence seem promising, and as organizations increasingly adopt it, I foresee having the ability to respond to attacks in real time. If it can be determined within moments that an attack has happened, one can mitigate damage, recover and respond quickly.
5. Now more than ever, reputations are at risk when data is compromised
The way you govern your Cybersecurity Program has serious consequences on the entire organization. Get it wrong, and patients could be tempted to move to another provider. Patients who have healthy, long-term relationships with their providers are not likely to leave the practice. But healthcare isn’t just limited to doctors.
For the sake of your organization’s reputation, you must ensure to report a cybersecurity attack properly. Transparency is key. Reporting details of a breach to the public quickly and efficiently is now a requirement; otherwise, social media may do it for you, and it won’t be pretty. No organization wants the perception that they don’t disclose information that should be reported timely. I believe the public, and your patients, understand the risk that any organization is likely to be hacked or attacked at some level. What they are carefully watching, is how well your organization is prepared to respond, mitigate future threats, and move forward.
To learn more about cybersecurity threats, watch this video: https://ibm.biz/BdZfSZ