<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo


Three Areas of Cybersecurity Strength for Hospitals During a Pandemic


These are strange times. As information security leaders across the globe watch their attack surface multiply with the rise of remote work, catalyzed by COVID-19, cybersecurity teams in healthcare are particularly pressured because they are in charge of keeping not one, but two worlds, secure.

As society turns to healthcare organizations and hospitals for help in this crisis, information security leaders at these institutions are facing an exponential increase in medical IoT (MIoT) devices coming online and increased interest from the hacker community to capitalize on the situation within the hospitals themselves as well. They are in charge of protecting not just remote workers, but the hospitals themselves and the healthcare workers who are treating the patients in need. From attacks on the WHO to spreading misinformation to hospitals hit by ransomware in the face of a pandemic, we must gather together as a community more than ever to support the information security practitioners that make sure healthcare professionals can continue to treat patients in dire straights.

In this troubling time, we are sharing best practices that are great to track, when possible, for information security leaders and practitioners in the hospital ad healthcare sector. As one of the most targeted attacks during the COVID-19 crisis, the leaders of hospital information security organizations can focus on a few key initiatives to help support and protect that essential work being done both on and offline.

Training and Awareness in a Pandemic

With the increased coverage of healthcare workers in light of the novel coronavirus, phishing attacks targeted at these professionals are on the rise. For a rapid turnaround, ensure that all members of the healthcare system know the basics of what a phishing attempt looks like. It is in times of heightened emotions that the scrutiny that we usually expect can no longer apply. Know what phishing attacks for your organization have looked like in the past and make sure that your organization is aware.

Keep Your Anti-Virus and Anti-Malware up to Date

While there is almost always a human element to an attack, as security practitioners there are ways we can reduce the potential of an attack. Start with making sure that your anti-virus and anti-malware software is up to date. In most cases, you can turn on automated updates to ensure that your software is always up to date.

Multi-Factor Authentication for Both Employees and Patients

Especially when working with a patient portal, adding another layer of security beyond username and password helps secure both the patient as well as the hospital’s systems. Given the rise of cyber attacks across sectors, consumers are now used to 2FA or MFA and will expect that added layer of security.

Moving forward - monitor, monitor, monitor

The best course of action in the face of a potential attack is knowing that a bad actor has breached the perimeter before they can do any sort of damage. In both the cases of remote workers as well as at the hospitals and healthcare centers, ensure that your organization has strong monitoring capabilities and an incident response plan in place should an attacker make it to the inside. Knowing what to prioritize for both hardening security as well as having policies and procedures in place should an attack occur is crucial to staying secure during this unprecedented event.

You may also like

NIST vs. ISO –What You Need To Know
on June 24, 2022

Organizations are increasingly on the lookout for ways to strengthen their cybersecurity capabilities. Many have found solace in compliance frameworks that help guide and improve ...

Top 5 Recommendations For Your ...
on June 22, 2022

Discover, design, validate, promote, and sustain best practice cyber protection solutions to safeguard your people and processes. As the cyber attack surface expands, the Center ...

June Product Update
on June 21, 2022

It’s a celebration! 🎵♪🎵♪ ♩Automate your scores, come on (Let’s automate) Automate your scores, come on (Let’s automate) There’s a party goin’ on right here An automation to last ...

Why You Need CIS Controls for ...
on June 17, 2022

The Center for Internet Security (CIS) is a non-profit organization that helps public sectors and private sectors improve their cybersecurity. The organization aims to help small, ...

Small Business Cybersecurity ...
on June 15, 2022

To achieve peace of mind in the modern threat landscape, small business owners must have a solid security strategy and budget in place. VIPRE’s SMB Security Trends report state ...

Do Small Businesses and Startups ...
on June 10, 2022

Did you know that about 60% of small businesses shut down within 6 months by falling victim to a data breach or cyber-attack, where the average global breach cost hovers at $3.62 ...