Cybersecurity is becoming a part and parcel of our daily life. The theft of private, financial, or other sensitive data and cyber attacks that damage computer systems are capable of causing lasting harm to anyone engaged in personal or commercial capacity. Cyber security in the healthcare industry has the biggest share of the pie. They are struggling to keep themselves secure.
Considering this issue Consortium of Accredited Healthcare Organization (CAHO) and InnovatioCuris (IC) jointly organized Cybersecurity Bootcamp Training for Hospitals’ at M.S. Ramaiah Advanced Learning Centre in Bengaluru, India on 30th September, 2018. Personnels from eighteen hospitals from various parts of the country attended the bootcamp. Personnel included CXOs, hospitals administrators, IT staff and a few doctors.
Also Read: Ransomware Epidemic – Who is next?
What hospitals learned?
To enhance cybersecurity capabilities at hospitals, attendees learned
Cyber threats landscape for hospitals: Dysfunctioning of medical devices can be catastrophic. Imagine, hackers take control of one’s pacemaker and ask for ransom or else they would manipulate the device which could be fatal. This kind of attack has been showcased in the very famous TV show Homeland wherein the Vice President dies due to hackers remotely disabled his pacemaker.
Cyber vulnerabilities and their protection: Many healthcare enterprises have the legacy or antiquated devices that are running outdated software or operating systems. This is the easiest path for attackers lie in the integrated building management, physical security and clinical devices. Healthcare networks are often designed to minimize cost and maximize efficiency, creating flat networks that are easy targets for attackers. Everything else takes a back seat, often including cybersecurity. Healthcare organizations are hyper-focused on their primary mission – saving lives and helping patients – and cybersecurity risks aren’t on the forefront of their minds. Many healthcare enterprises leverage external third-party vendors to manage and run their systems, which can introduce a significant amount of risk.
Ransomware: Ransomware epidemic is spreading in healthcare like wildfire due to its increasing digitalization which is and will attract more attention of hackers. The healthcare industry has been a victim of various cyber attacks in the last few years. According to recent studies, healthcare has outnumbered financial services and become the most cyber attacked industry. The latest in cyber-attack is ransomware wherein the hacker encrypts the data and threatens to publish it until the ransom is paid in form of bitcoins. In US alone, healthcare industry was the victim of 88 percent of all ransomware attacks across industries last year.
Medical devices security framework: The five star medical devices cybersecurity framework: Safety by design, third-party collaboration, evidence capture, security updates and segmentation & isolation.
Healthcare compliances: Healthcare compliance requires healthcare organizations and providers to develop effective processes, policies, and procedures to define appropriate conduct, train the organization’s staff, and then monitor the adherence to the processes, policies, and procedures.
To learn about the problems of the attendees and hospitals, a group task was conducted. This helped us know better our participants and provide viable and tangible solutions. Discussions were made about the immediate threat they have, how they cater them and what more steps can be taken to serve their needs in a better manner.
‘In the world of cybersecurity, the last thing you want is to have a target painted on you.’ – Tim Cook
For more information reach out to us at [email protected]