/ Print /

  • linkedin
  • Increase Font
  • Sharebar

    Five Ways to Improve Your Health Organization’s Cybersecurity

    source_MHE_81.jpg

    Healthcare’s approach to cybersecurity is maturing—but not fast enough, according to a new survey.

    Respondents to the survey, from Symantec, revealed that cybersecurity is no longer considered solely an IT responsibility or compliance issue, with 94% of them identifying risk assessment as one of the top three drivers for security investments, compared to just 74% in 2016. In addition, C-suite executives are taking a more hands-on role in cybersecurity, with 80% of respondents reporting that cybersecurity is now a board meeting issue (about evenly split between 40% “ad hoc,” and 40% “proactively” or “standing”).

    Together, Symantec and HIMSS Analytics surveyed 104 IT leaders and professionals to gather survey results. The collection period began November 1, 2017, and closed December 8, 2017. The companies also conducted 10 in-depth qualitative interviews to gain additional insight into key topic areas.

    WirthWirth

    “In summary, the survey shows that security risks are real and need to be addressed on all levels of the organization, from technical to the board, and all executive decision makers, including managed care executives,” says Axel Wirth, healthcare solutions architect, Symantec. “Despite the increased focus on cybersecurity in board meetings, healthcare organizations continue to underinvest in cybersecurity—even as cyberthreat activity amps up and gets more sophisticated.”

    In fact, the survey showed that IT security spend has remained relatively flat over the last three years. Almost three-quarters of providers dedicate 6% or less of their IT budgets to security.

    The cloud remains a concern for many healthcare providers, with 71% of survey respondents having multiple security concerns related to moving information/applications to the cloud, even though three of four providers are already using the cloud, according to the survey. And, organizations are not sufficiently prioritizing security that addresses the unique complexity and diversity of their medical device environment. Almost all (95%) respondents have multiple concerns regarding medical device security in their environments.

    Other unique findings show a rise in organizations using formal risk frameworks with NIST CSF being the most commonly used one (63%).

    “Survey respondents also surprisingly revealed that they are less confident in their organization’s ability to fend off attacks than they were the year before. Seventy-three percent of respondents identified ‘budget’ as the most significant barrier to improving their security programs, followed by ‘staffing’ and ‘skillsets’,” says Wirth.

    According to Wirth, healthcare executives should take the following five recommendations into consideration to advance their risk management programs:

    1. Create a culture of cybersecurity through leadership, awareness, and increased training across the organization and as appropriate for the respective roles.
    2. Implement an integrated cyber defense platform and take a “defense in depth” approach, rather than deploying a collection of security point products and solutions.
    3. Assure a homogeneous security approach spanning from traditional endpoints and networks to mobile devices and cloud applications.
    4. Ensure all necessary stakeholders (IT, legal, PR and communications, clinical staff, executives, etc.) are involved in Incident Response planning and that incident response plans are practiced.
    5. Continue to engage the board on security strategy and enable security risk understanding from a business perspective.

    2 Comments

    You must be signed in to leave a comment. Registering is fast and free!

    All comments must follow the ModernMedicine Network community rules and terms of use, and will be moderated. ModernMedicine reserves the right to use the comments we receive, in whole or in part,in any medium. See also the Terms of Use, Privacy Policy and Community FAQ.

    • [email protected]
      I grew up with a distorted self-esteem which eventually stood in mine and my husband’s way for years. He gladly picked it up and used it to his advantage. Only a person that has endured marital affair will understand how hard it was to cope with his unfaithful behavior that pierced a dagger through my heart and slowly pulled it back out. Years after going to a hypnotist and so many therapists to see if that would help, dr. wakina at [email protected] demonstrated his competence as one gentleman who rendered the help I needed in four days. His abilities made me realize that I have been wasting my precious time undergoing therapy and coming out feeling no difference for a situation that can only be solved spiritually. My wait on the day in which he holds me in his arms again was over after an authentic love spell that sanitized my marriage for good and boosted my self-esteem.
    • [email protected]
      I grew up with a distorted self-esteem which eventually stood in mine and my husband’s way for years. He gladly picked it up and used it to his advantage. Only a person that has endured marital affair will understand how hard it was to cope with his unfaithful behavior that pierced a dagger through my heart and slowly pulled it back out. Years after going to a hypnotist and so many therapists to see if that would help, dr. wakina at [email protected] demonstrated his competence as one gentleman who rendered the help I needed in four days. His abilities made me realize that I have been wasting my precious time undergoing therapy and coming out feeling no difference for a situation that can only be solved spiritually. My wait on the day in which he holds me in his arms again was over after an authentic love spell that sanitized my marriage for good and boosted my self-esteem.

    Follow Us On Twitter

    Find us on Facebook

    Latest Tweets Follow