The War Against Cyberthreats: Planning a-Head

The War Against Cyberthreats: Planning a-Head

As cases of COVID-19 escalated rapidly in March 2020, I began inventorying emergency supplies even though schools and restaurants were still open in Maryland.

Then, on March 17, 22 new cases were reported, doubling a few days later. On March 20, as neighbors stocked up on essentials, I made a highly unusual purchase—a Wahl “Home Haircut and Grooming Kit”—anticipating that the barber shop would soon be closed. Nine days later, my wife gave our boys and me the first of many “COVID cuts.”

I was reminded of this notion of preparing for the inevitable before “the clippers” were unobtainable when talking with my colleague Cindi Bassford, partner at Guidehouse, about cybersecurity in healthcare.

Cyberattacks against organizations have become inevitable.

They are especially problematic in healthcare, a favored target for hackers. Ransomware attacks, representing nearly half of healthcare data breaches, bring clinical care to a halt and force critical patients to be rerouted to other facilities.

Despite increased warning signs, many institutions were unprepared when COVID-19 hit. As Cindi highlights in our discussion, common problems for organizations include the lack of thoroughly inventoried systems, updated security, and fully understanding the implications of operational decisions.

View our conversation here.

While electronic health records data is often the focus of data security, vast numbers of connected medical devices (60% of which are at end-of-life with no patches or upgrades available), bring new vulnerabilities. Furthermore, the pandemic has exacerbated these issues as many in the workforce connect from home on personal devices, falling victim to phishing, social engineering, and other hacks.

After an attack, leaders found they had inadequate backups, training, and processes in place to avoid further damage.

Equally as troubling, many leaders failed to engage a cybersecurity partner ahead of the attack and were forced to scramble, only to find that most firms were already committed to other clients. Beyond delaying their response, it added to the cost.

As a recent cyber panelist said during HIMSS 2021, “You may be able to negotiate with a ransomware attacker, but you won’t be able to negotiate with a cybersecurity firm if you cold-call them after an incident.”

Perhaps one unexpected consequence of the inevitability of attacks is a change in organizational attitude and culture. Historically, cybersecurity has primarily been the chief information officer’s responsibility, and a breach was that person’s failure. Now, cybersecurity is a collective responsibility, requiring everyone to do their part to protect the network, with both administrative and clinical leadership.

When an attack does occur, it creates an opportunity for organizations to shine through response and recovery.

Read more: https://guidehouse.com/insights/healthcare/2021/vlogs/war-against-cyberthreats

Good read Dr Greenspan.

回复

要查看或添加评论,请登录

Harry Greenspun, M.D.的更多文章

  • What’s Next for Virtual Pediatric Care

    What’s Next for Virtual Pediatric Care

    Although the pandemic has impacted everyone, it has not been uniform. Dramatic differences emerge when comparing…

    1 条评论
  • It's easier to cure the sick than to raise the dead.

    It's easier to cure the sick than to raise the dead.

    Leading Hospitals Through Difficult Times During my anesthesia residency, one of my on-call duties was to respond with…

    1 条评论
  • Well that was weird: HIMSS 2021

    Well that was weird: HIMSS 2021

    Well, that was weird… but in a good way. As it has in years past, the 2021 HIMSS conference highlighted the biggest…

  • Shocked, but not Surprised

    Shocked, but not Surprised

    Living in Washington, DC, politics is inescapable. During the most recent government shutdown, traffic was light, and…

    2 条评论
  • 50 Shades of Gray: Learning to successfully experiment and innovate

    50 Shades of Gray: Learning to successfully experiment and innovate

    My wife and I consider ourselves pretty adventurous, so last year we decided to try something really different. Like…

  • Insights from Women CEOs

    Insights from Women CEOs

    One of the most rewarding parts of my role is to moderate our monthly webinars. With each, we gather a group of experts…

    1 条评论
  • The Impact of Health IT on Value-based Care

    The Impact of Health IT on Value-based Care

    Riffing on an old saying, “Ask four doctors a question and you’ll get five opinions.” With that, I was honored to speak…

  • Crisis vs. Challenge: Learning from a non-near-death experience

    Crisis vs. Challenge: Learning from a non-near-death experience

    Not long ago I woke up in the middle of the night with excruciating pain in the upper right quadrant of my abdomen. As…

  • The Enormous Power of the Small Win

    The Enormous Power of the Small Win

    I met my friend Sharon at a bank robbery. My wife and I had gone to a local hardware store to buy some paint.

  • Teaming Teams

    Teaming Teams

    This past weekend our sons’ cycling team, Rock Creek Velo hosted a racing clinic in conjunction with our largest…

社区洞察

其他会员也浏览了