<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

Healthcare

Three Areas of Cybersecurity Strength for Hospitals During a Pandemic

down-arrow

These are strange times. As information security leaders across the globe watch their attack surface multiply with the rise of remote work, catalyzed by COVID-19, cybersecurity teams in healthcare are particularly pressured because they are in charge of keeping not one, but two worlds, secure.

As society turns to healthcare organizations and hospitals for help in this crisis, information security leaders at these institutions are facing an exponential increase in medical IoT (MIoT) devices coming online and increased interest from the hacker community to capitalize on the situation within the hospitals themselves as well. They are in charge of protecting not just remote workers, but the hospitals themselves and the healthcare workers who are treating the patients in need. From attacks on the WHO to spreading misinformation to hospitals hit by ransomware in the face of a pandemic, we must gather together as a community more than ever to support the information security practitioners that make sure healthcare professionals can continue to treat patients in dire straights.

In this troubling time, we are sharing best practices that are great to track, when possible, for information security leaders and practitioners in the hospital ad healthcare sector. As one of the most targeted attacks during the COVID-19 crisis, the leaders of hospital information security organizations can focus on a few key initiatives to help support and protect that essential work being done both on and offline.

Training and Awareness in a Pandemic

With the increased coverage of healthcare workers in light of the novel coronavirus, phishing attacks targeted at these professionals are on the rise. For a rapid turnaround, ensure that all members of the healthcare system know the basics of what a phishing attempt looks like. It is in times of heightened emotions that the scrutiny that we usually expect can no longer apply. Know what phishing attacks for your organization have looked like in the past and make sure that your organization is aware.

Keep Your Anti-Virus and Anti-Malware up to Date

While there is almost always a human element to an attack, as security practitioners there are ways we can reduce the potential of an attack. Start with making sure that your anti-virus and anti-malware software is up to date. In most cases, you can turn on automated updates to ensure that your software is always up to date.

Multi-Factor Authentication for Both Employees and Patients

Especially when working with a patient portal, adding another layer of security beyond username and password helps secure both the patient as well as the hospital’s systems. Given the rise of cyber attacks across sectors, consumers are now used to 2FA or MFA and will expect that added layer of security.

Moving forward - monitor, monitor, monitor

The best course of action in the face of a potential attack is knowing that a bad actor has breached the perimeter before they can do any sort of damage. In both the cases of remote workers as well as at the hospitals and healthcare centers, ensure that your organization has strong monitoring capabilities and an incident response plan in place should an attacker make it to the inside. Knowing what to prioritize for both hardening security as well as having policies and procedures in place should an attack occur is crucial to staying secure during this unprecedented event.

You may also like

October Product Update
on October 3, 2022

Hey, Jimmy - is it really always 5 o’clock somewhere? If not, it should be! With this release, we’re focusing on empowering our customers to work smarter, not harder. Whether ...

How Does FAIR Fit into ...
on September 26, 2022

The Factor Analysis of Information Risk (FAIR) methodology breaks down risk into elements that organizations can compute, understand, analyze and quantify cyber threats and their ...

All-in-One Cybersecurity Board ...
on September 19, 2022

CISOs and Board Members can no longer ignore the importance of cybersecurity. New cyber attacks and threats surface every week and threaten the security of business operations. ...

Rules for Effective Cyber Risk ...
on September 12, 2022

Cybersecurity threats are becoming more challenging for businesses. According to PurpleSec’s Cyber Security Trend Report in 2021, cybercrime surged by 600% during the pandemic, ...

A Pocket Guide to Factor Analysis ...
on September 14, 2022

FAIR, short for Factor Analysis of Information Risk, is a risk quantification methodology founded to help businesses evaluate information risks. FAIR is the only international ...

Your Guide to Cyber Risk ...
on August 30, 2022

During the pandemic, online businesses flourished as people turned to e-commerce stores to shop from the comfort and safety of their homes. This unprecedented expansion of ...