The World Health Organization (WHO) defines health as “a state of complete physical, mental and social well-being and not merely the absence of disease or infirmity.” Today, this definition of health should not just apply to the mind and body but also financial health and cyber health.
Technology has transformed how we operate our day-to-day lives and businesses, placing a greater emphasis on taking preventative measures to safeguard what we put online, much like we would our mind and body.
Cisco — a worldwide leader in IT, networking and online security solutions — says that cybersecurity is the “practice of protecting systems, networks and programs from digital attacks.” These types of attacks include stealing personal and sensitive information, extorting money or interrupting business. In the past year, news of cyberattacks has plagued the healthcare industry, from a crippling series of attacks on small medical practices to Universal Health Services, one of the largest healthcare providers, suspending user access to information technology applications due to a “security incident” recently.
Why Healthcare Organizations?
Health organizations tend to be attractive targets for hackers thanks to the abundance of billing information and medical records, which are almost more useful to hackers than social security numbers or credit cards. The 2019 Mid-Year Data Breach Barometer Report from Protenus and Databreaches.net reported more patient records were breached in the first half of 2019 than in all of 2018. Cybersecurity Ventures, a researcher and source for cybersecurity facts, predicts healthcare organizations will suffer two to three times more cyberattacks than other industries in 2021.
Outdated IT systems, undefined cybersecurity protocols and limited IT staff make up just a few reasons why health organizations have such a prominent target. These vulnerabilities have been further exposed while navigating the global pandemic. Since the start of the pandemic, cybercriminals have hacked temporary medical facilities being used to treat patients, gained control of patients’ medical devices and employed email phishing tactics — all with the intent to sell information or hold the network for ransom. These attacks not only cost organizations millions, but they also hinder the power to provide quality, acute care for patients.
Ways to Stay Ahead of Cyber Threats
The healthcare industry cannot afford to suffer in cyber health, no matter the organization’s size. Healthcare leaders must prioritize ways to stay ahead of these attacks, including real-time monitoring and cybersecurity assessments. Other strategies that could make an immediate impact on preventing cyberattacks include:
- Training: Health IT Security shared a report that revealed 24% of the country’s health employees had never received cybersecurity awareness training as of the summer of 2019, though they felt they should have. Cybersecurity preparation should involve all staff members, as most cyberattacks begin with a reaction to an email phishing scam. All it takes is one click on a malicious link to compromise an entire system. Cybersecurity training can arm employees with the necessary awareness.
- Budget: Healthcare organizations should reevaluate their IT budgets. Lisa Rivera, a former federal prosecutor who now advises health companies on criminal healthcare fraud, said that on average, only 4 to 7% of a health system’s IT budget is in cybersecurity. Other sectors, like the financial industry, allocate about 15%. An investment in cybersecurity would be well worth the cost, as preventing a data breach is more cost-effective than responding to one.
- Education: A higher education degree like the online Master of Business Administration (MBA) with a Concentration in Cybersecurity program from Murray State University could equip future leaders with a strong management foundation and skills in concepts like data communications, network infrastructure and intrusion prevention techniques. Advanced degree programs can prepare graduates to confidently step into an industry with substantial projected growth as more fields shift operations online.
The Bureau of Labor Statistics (BLS) projects information security analysts’ employment to increase by 31% between 2019 and 2029, faster than the average of all occupations. Meanwhile, Cybersecurity Ventures projects the global healthcare cybersecurity market to increase 15% yearly over the next five years.
As we continue to navigate a global pandemic and technological shifts in this digital age, cyberattacks and data breaches are not unorthodox. They are a given. Leaders in healthcare organizations must prioritize cyber health to protect their staff and the patients for whom they care.
Learn more about the Murray State University MBA with a Concentration in Cybersecurity online program.
Sources:
Cybersecurity Ventures: Healthcare Industry to Spend $125 Billion on Cybersecurity From 2020 to 2025
Forbes: Healthcare Cybersecurity Continues to Be a Major Concern
Healthcare Finance: Number of Cybersecurity Attacks Increases During Covid-19 Crisis
HealthTech Magazine: Why All Healthcare Businesses Need a Cybersecurity Assessment
Health IT Security: 24% of US Health Employees Never Received Cybersecurity Training
HIPPA Journal: First Half of 2019 Sees 31.6 Million Healthcare Records Breached
U.S. Bureau of Labor Statistics: Occupational Outlook Handbook: Information Security Analysts
Wall Street Journal: Smaller Medical Providers Get Burned by Ransomware