Be Cyber Smart: Hospitals and Cyber Safety!
The overarching thought for Cyber Security Awareness Month 2020 is ‘Do your part. #BeCyberSmart.’
This is what we have done this year in many other aspects of our lives, and it worked. When it comes to cybersecurity, it will certainly make our interconnected world safer and resilient for all.
One crucial lesson the COVID-19 pandemic has taught us that hackers target users’ increased dependence on digital applications, fears, and new habits. The pandemic began with Coronavirus-based scams and phishing attacks in March. A recent survey mentioned that 32% of consumers acknowledged that they had been targeted during the phishing scams related to COVID-19.
While this survey speaks of cyberattacks on consumers, there is another important sector that has been largely affected by cyber threats during the pandemic- hospitals.
The amount of cyber attacks on hospitals in the past few weeks has shocked many. United Health Services struggled to recover computer networks, including patient and clinical data, over its 400 locations after their systems were taken down due to a cyber attack.
Similarly, Ashtabula County Medical Center had to postpone their elective procedures after they were taken offline for days. Tragically, a German woman became the first person to lose her life due to a cyber attack after hackers attacked her hospital with ransomware.
Cybercrime is undoubtedly reaching new lows, and the threat to patient safety is increasing exponentially as the line between online and offline attacks blurs.
Cyber Security Awareness Month is a reminder for hospitals and healthcare provides that cybersecurity is a matter of life and death. Over the months, we have seen cyberattacks against healthcare organizations skyrocket, and the trend is only expected to continue. Healthcare providers cannot wait to reevaluate their cybersecurity infrastructure. But where should healthcare organizations focus their attention?
Assessing the risk
The most crucial step for healthcare organizations is to identify where sensitive information lies within the network and how many devices are connecting to the network. This assessment helps hospitals uncover multiple insecure devices interacting on the network, allowing them to enforce effective policies for the connection.
Post this exercise, how do healthcare organizations make sure that sensitive data is only shared with authorized individuals securely?
Identifying and applying security are the new network perimeters- the frontline that hackers attack. Thus, it is important to control who has the system access to restrict cyber attackers. This also enables the hospitals to determine which assets can and should be migrated to the cloud for optimized patient care and added security.
Knowingly or unknowingly, employees pose a bigger risk for any organization. For healthcare organizations, this threat is even bigger as cybercriminals target hospital workers with lucrative phishing scams that mask government health organizations and promise valuable COVID- treatment-related information to trick them into clicking on links leading to the malware download.
It is crucial that all employees undergo security training and learn how to identify phishing scams and report suspicious activities so that security teams can mitigate potential risks.
Automating cybersecurity control
Frontline workers are under tremendous pressure, and one cannot expect a user to catch every cyber attack attempt. While employee cyber safety training is the first line of defense, the second line is automation. By leveraging automated security tools, healthcare organizations can greatly reduce the risk of human error and immediately respond to potential risks.
It is crucial that healthcare organizations
reassess their cybersecurity infrastructure. Cybersecurity must be a fluid part of any organizations’
strategy. With clear visibility to data flaws and automated security management
tools, we can better defend our healthcare’s digital infrastructure as
frontline workers are busy protecting society’s most vulnerable.