Experts cite a number of specific risks:
- The growing number of smart medical devices increases the attack surface that cybercriminals can exploit.
- The temporary facilities that many organizations have set up to deal with the increase in patients did not include proper security protections.
- Overtaxed IT and clinical staffs are so focused on their primary workloads that they have less bandwidth to identify security threats.
- Users are concerned about pandemic health risks, increasing the chance they may click on malicious links.
Is a Security Breach Is Inevitable?
To make matters worse, the healthcare industry continues to face a shortage of qualified cybersecurity professionals. There’s no question that healthcare organizations should already have robust security measures in place and should be working to strengthen their defenses against the increased likelihood of an attack. While effective defenses are critical, however, healthcare IT leaders must understand that they are not foolproof. In fact, no matter how much time and how many resources an organization puts into cybersecurity defenses, it’s a mistake to think they will always be effective.
Organizations should assume that, at some point, they will face a security breach. Operating under this assumption, it’s imperative that they devote significant attention to responding effectively in the event of a successful attack.
Plan for a Successful Cybersecurity Incident Response
Given the challenges that organizations face in keeping cyberattackers at bay, an effective incident response plan is essential. Having a plan in place helps to ensure that the response is swift and organized and that an organization is able to avoid rash decisions that could exacerbate the situation.
Healthcare organizations should consider these elements as they develop their incident response plans:
- The plan should identify key members of the organization who are responsible for making tough and immediate decisions. These leaders should engage in tabletop exercises to practice effective response.
- It should establish a process for training staff members in emergency response protocols and testing them to assess their effectiveness.
- The organization should compile an inventory of its most sensitive information assets.
- Response efforts should be integrated into the organization’s greater hospital incident command system.
Incident response is a complex process, and organizations should work on this issue long before a cyberattack occurs.
In the current environment, successful healthcare organizations are those that field defenses to keep cybercriminals out and respond effectively when they happen to get in.