Mistakes I’ve Made: Confessions of a Healthcare Cybersecurity Expert
As leaders rapidly shift to new business models to bolster revenue in this time of uncertainty, gaps in security are often being created that allow cybercriminals a way into systems.
On February 10, a panel of experts—including Geisinger’s top cybersecurity leader and experts from NTT DATA—discussed common mistakes that must be avoided so organizations can safely implement new opportunities for revenue growth. The entire webinar can be viewed at ModernHealthcare.com/CybersecurityWebinar.
1 Healthcare organizations are lagging significantly behind in cybersecurity maturity.
Released annually, NTT DATA’s Global Threat Intelligence Report offers an overview of major cybersecurity threats and benchmarks overall security preparedness levels across NTT’s customers. On a scale of 1 to 5, leaders are asked to share what they’d like their cybersecurity maturity level to be. In 2019, the average desired level among healthcare leaders was 3.15, but actual maturity levels assessed by experts were closer to 1.12. That’s a minimal improvement from a 2018 baseline of 1.03.
2 Your security program is obsolete any time you implement a change in technology.
Connected devices and data-enabled apps are increasingly being used by healthcare organizations to better serve patients, but it can sometimes be challenging to introduce the correct level of security to protect information used in those innovations. Step one to improving your organization’s cybersecurity readiness is assessing where vulnerabilities may exist, both at a baseline level and each time you change your environment. Develop a rubric for evaluating changes and assessing the impact on current users, system operations, security training, perimeter defenses and the security of related systems.
3 It’s critical that leaders create an incident response plan and test it regularly for gaps.
Even with an exceptional cyber-defense, breaches can occur. That’s why it’s important to have a comprehensive plan documenting the process for cyberattack response and investigation. Just as your cybersecurity defense must be flexible, your response plan must also be dynamic when gaps are identified or when the threat environment changes. A strong plan includes, but is not limited to, standard operating procedures for response, information on team structure, communication strategy, incident reporting and analysis, and documentation of lessons learned.
4 Leaders should pursue intelligence-driven cybersecurity and consider a Zero Trust approach.
A response plan is only as reliable as the threat intelligence that informs it. Leaders should invest in analytics that provide timely and accurate information to keep their cybersecurity up to date. One emerging trend is the Zero Trust mindset, a security concept that suggests that instead of relying on a network of trusted users or domains, organizations should not automatically trust any app or device, whether internal or external, and should instead verify anything that attempts to connect to their systems before granting access.
5 Monitor your threat environment continuously and standardize how security is controlled across your organization.
Once they’ve infiltrated your network, hackers can remain undetected for months, or even years. That’s why it is critical to monitor your environment and protect data from hackers who are already inside—assume you’ve been breached. Leaders should have a mindset of continuous compliance, remaining constantly vigilant and adjusting as needed. Your cybersecurity goals should be aligned with your business goals—governance, risk and compliance should all be top of mind, and not just for technology leaders.