Security

Rural Health Systems Take On Cybersecurity Improvements with Support

Collaboration is key for strengthening the cybersecurity strategies of rural hospitals across the U.S.

Chris Hayhurst is a contributor to the CDW family of technology magazines.

Predators in nature tend to hunt the easiest prey they can find. It’s a similar strategy for malicious actors targeting health systems: Attack the isolated and the most vulnerable.

IT leaders at rural healthcare organizations — such as Jim Roeder, vice president of IT at Lakewood Health System — are gaining a better understanding of these tactics. The health system in Staples, Minn., a small city northwest of Minneapolis, has been in operation since 1936 and includes a 25-bed critical-access hospital and primary care clinics in four surrounding rural communities.

“What we’re facing is what everyone is facing with ransomware attacks and bad actors,” Roeder says. “And then we have other problems because we’re rural. I think we’re seen as a potentially easy target.”

Like a number of facilities in underserved areas, Lakewood Health doesn’t have a CISO or a security operations center. Though it relies on critical IT systems, the organization has historically been short on the staffing and resources typically needed to stay protected.

“Everyone here is wearing multiple hats,” Roeder says. “We’d love to have someone who could be dedicated to reviewing logs and alerts, but we can’t because we don’t have the workforce.”

That doesn’t mean safeguarding patient data isn’t a high priority at Lakewood Health. In fact, Roeder adds, the opposite is true: Their cybersecurity posture is better than ever.

That’s thanks in part to a recent initiative called the Microsoft Cybersecurity Program for Rural Hospitals, led by Microsoft in partnership with the American Hospital Association and the National Rural Health Association. The program provides free and discounted cybersecurity tools and services to rural hospitals across the U.S.

Click the banner below to read the recent CDW Cybersecurity Research Report.

x_security_q325_animated_click_desktop_03

x_security_q325_animated_click_mobile_03

Lakewood Health joined the program as one of four early adopters in spring 2024. It started with a third-party evaluation of its cybersecurity policies and tools, and that led to the identification of several weak spots that required immediate attention.

While the organization had just upgraded to next-generation firewalls with artificial intelligence–enabled protection, Roeder says, “one of our biggest issues was that we didn’t have detection and response software.”

The fix included implementing Microsoft Defender XDR, a security solution that deploys attack surface reduction rules to block or audit malicious or suspicious activity on an organization’s network. If a user at any one of the organization’s workstations tries to launch something that hasn’t been approved, “we’ve set it up to prevent that from happening and to autoremediate if anything gets through,” he says.

Lakewood Health now also takes advantage of Microsoft-driven phishing simulation tests and, through the federal Cybersecurity and Infrastructure Security Agency, free vulnerability scanning and tabletop exercise packages.

“It’s a journey that we’re on, but we’re far better off than we were a year ago,” Roeder says. “There are a lot of different pieces that go into it, and all of it together is what allows us to be safe.”

Unique Challenges for Rural Healthcare Cybersecurity

In 2024, there were 725 large healthcare data breaches, each involving at least 500 patient records, according to the U.S. Department of Health and Human Services. Hacking and other IT incidents accounted for more than 80% of these incidents, which is unsurprising given estimates that digital medical records are 50 times more valuable than financial information.

While hospitals everywhere are at risk of cyberattack, rural providers are especially challenged in their ability to mount an effective defense.

“A lot of it comes down to reimbursement and having the funds and expertise available,” says Roeder, who served as co-lead for a report on the subject by the Health Sector Coordinating Council Cybersecurity Working Group. Resource-constrained providers “lack the workforce, partners and means to implement cybersecurity best practices,” the report concluded.

The good news is that organizations like the HSCC are actively collaborating with tech sector leaders to make rural healthcare cybersecurity stronger. And industry experts like John Riggi, the AHA’s national adviser for cybersecurity and risk, are encouraging rural hospitals to make the most of these partnerships.

“At a lot of these facilities, the IT director is looking at logs one minute, and the next minute, he’s changing light bulbs,” Riggi says. Initiatives like the Microsoft program, which now has more than 550 participants, “can really make a difference for critical-access hospitals by helping them do everything possible on defense.”

Back to the article Autoplay Full Screen Grid View Exit Full Screen

Back to the article Autoplay Full Screen Grid View Exit Full Screen

Partnerships Drive Progress in Rural Healthcare Cybersecurity

One organization that’s currently working with Microsoft on several important security upgrades is Fulton County Medical Center, a 21-bed critical access hospital in McConnellsburg, Pa., a short drive away from the Pennsylvania-Maryland border.

With only five people on the facility’s IT team, “security is on everybody’s mind,” says Network Administrator Virgil Eyer. Every day, the health system endures a constant barrage of cyberattacks, ranging “from all sorts of phishing attempts to highly convoluted schemes,” he adds.

The hospital is rolling out Microsoft 365, and a cybersecurity expert from the company is helping along the way. “It’s nice to have someone who has been there from the ground floor and can help out with any questions or concerns,” Eyer says.

Like Lakewood Health, Fulton County Medical Center has used penetration testing to identify network protection deficiencies, and it leverages open-source security tools where it can to keep costs to a minimum. The hospital also partners with other industry vendors, such as Barracuda Networks for its web and email gateway solutions.

Eyer and his team believe that there’s always room for improvement with cybersecurity.

“Our goal is to be proactive instead of reactive,” he says. “It’s all about making steady progress one step at a time.”

UP NEXT: Discover the top five vulnerabilities uncovered during penetration testing.

Photography By Matthew Gilson