<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo


Three Areas of Cybersecurity Strength for Hospitals During a Pandemic


These are strange times. As information security leaders across the globe watch their attack surface multiply with the rise of remote work, catalyzed by COVID-19, cybersecurity teams in healthcare are particularly pressured because they are in charge of keeping not one, but two worlds, secure.

As society turns to healthcare organizations and hospitals for help in this crisis, information security leaders at these institutions are facing an exponential increase in medical IoT (MIoT) devices coming online and increased interest from the hacker community to capitalize on the situation within the hospitals themselves as well. They are in charge of protecting not just remote workers, but the hospitals themselves and the healthcare workers who are treating the patients in need. From attacks on the WHO to spreading misinformation to hospitals hit by ransomware in the face of a pandemic, we must gather together as a community more than ever to support the information security practitioners that make sure healthcare professionals can continue to treat patients in dire straights.

In this troubling time, we are sharing best practices that are great to track, when possible, for information security leaders and practitioners in the hospital ad healthcare sector. As one of the most targeted attacks during the COVID-19 crisis, the leaders of hospital information security organizations can focus on a few key initiatives to help support and protect that essential work being done both on and offline.

Training and Awareness in a Pandemic

With the increased coverage of healthcare workers in light of the novel coronavirus, phishing attacks targeted at these professionals are on the rise. For a rapid turnaround, ensure that all members of the healthcare system know the basics of what a phishing attempt looks like. It is in times of heightened emotions that the scrutiny that we usually expect can no longer apply. Know what phishing attacks for your organization have looked like in the past and make sure that your organization is aware.

Keep Your Anti-Virus and Anti-Malware up to Date

While there is almost always a human element to an attack, as security practitioners there are ways we can reduce the potential of an attack. Start with making sure that your anti-virus and anti-malware software is up to date. In most cases, you can turn on automated updates to ensure that your software is always up to date.

Multi-Factor Authentication for Both Employees and Patients

Especially when working with a patient portal, adding another layer of security beyond username and password helps secure both the patient as well as the hospital’s systems. Given the rise of cyber attacks across sectors, consumers are now used to 2FA or MFA and will expect that added layer of security.

Moving forward - monitor, monitor, monitor

The best course of action in the face of a potential attack is knowing that a bad actor has breached the perimeter before they can do any sort of damage. In both the cases of remote workers as well as at the hospitals and healthcare centers, ensure that your organization has strong monitoring capabilities and an incident response plan in place should an attacker make it to the inside. Knowing what to prioritize for both hardening security as well as having policies and procedures in place should an attack occur is crucial to staying secure during this unprecedented event.

You may also like

Compliance and Regulations for ...
on January 9, 2023

Compliance for many cybersecurity programs has been the cornerstone and the catalyst for why many programs exist in the first place. Since the rise of the information technology ...

Cyber Risk Quantification: Metrics ...
on January 6, 2023

Risk management is the new foundation for an information security program. Risk management, coupled with necessary compliance activities to support ongoing business operations, ...

Padraic O'Reilly
Cybersecurity Maturity Models You ...
on December 30, 2022

Cybercrime has forced businesses worldwide into paying billions of dollars yearly. As more of the population becomes dependent on technology, the fear of cyber attacks continues ...

Top 10 Risks in Cyber Security
on December 23, 2022

Increasing cyber security threats continue creating problems for companies and organizations, obliging them to defend their systems against cyber threats. According to research ...

Governance and Process Automation
on December 21, 2022

Any enterprise operating at scale understands the need for standardization and strong corporate governance. Having served Fortune 50 companies for decades, I have seen the ...

Jerry Layden
Introducing Crosswalking Templates
on December 19, 2022

Crosswalking can be a handy tool to view control performance for a single asset/system against multiple frameworks. One can complete an assessment using one framework by ...