Cybersecurity: The Next Wave in Emergency Preparedness

Article

Is your organization prepared to handle a cyber attack?

When thinking of emergency preparedness, we tend think of dangers like bioterrorism, natural disasters, and pandemic influenza. Although those are all valid concerns, preparedness shouldn’t stop there. In fact, it may be time for many organizations to shift their focus and raise awareness about cyberattacks.

Cyberattacks threaten health systems and other institutions. Consequences range from identity theft, to intellectual property theft, to HIPAA violations, which often result from cyber criminals sending e-mails with content that, once opened by the recipient, compromises information by corrupting files or denying access.

Preparation for a cyberattack is imperative, particularly for large health systems. Results of an IBM study showed that health care organizations have surpassed banks as the most attacked institutions, pegging 2015 as “the year of the health care breach.”

Preparing for these events as we would for other disasters ensures proactivity and quick and effective response.

Where to Begin?

Successful response results from adequate preparedness. Both depend on the smallest entity, which is the individual.

Training

Staff is responsible for 80% of security-related incidents. That statistic alone should be enough encouragement for employers to prioritize training.

Ideally, staff members will:

· Complete training before getting access to company equipment and networks. An understanding of company policy and basic network safety is crucial.

· Understand the importance of passwords. Eight-character passwords that avoid dictionary terms are most secure, and multifactor authentication involving 2 separate methods is recommended.

· Know how to recognize and report suspicious e-mails and occurrences.

Information Technology (IT)

The IT team is responsible for the installation, support, and management of the systems we use.

It’s also responsible for maintaining up-to-date software and equipment that aligns with industry standards.

Some proactive IT measures include:

· Monitoring network traffic for anomalous activity. Staff sets a baseline for standard traffic in the network and monitors any strays from that normal behavior.

· Implementing a zero trust model. There are no trusted zones in a network, and properly segmenting it blocks methodologies like advanced persistent threats.

· Performing periodic penetration tests to find points of vulnerability. This is akin to safety drills for other disasters.

· Performing proper patch management. Manufacturers regularly release security patches meant to cover newly discovered holes in software.

Preparedness for Response

IT security staff will initiate a system-wide response once alerted to an attack. As with any disaster, an emergency kit is only prudent.

A disaster supply for attempted cybercrime can include protected equipment on a separate network known as a disaster recovery site. Any data essential to business continuity should be backed up to that site. As with any disaster kit, the team should check it routinely to update and back up new data.

Is Your Organization Prepared?

That depends on how you’d answer many questions, including:

What would happen if your entire network were compromised right now?

Could you access critical data?

In what amount of time could you restore operations?

Security is an evolving field with cyber criminals using different attack vectors to access internal resources. The threat landscape is constantly changing, and a solution that protected a system 3 years ago won’t provide sufficient protection today. This stresses the need for a serious look at organizations’ cybersecurity and response to threats.

It’s true that it’s the IT staff’s job to minimize the attack surface and ensure that the network can’t be compromised, but it’s health care leaders’ job to recognize the importance of a properly managed system, and it’s the staff’s job to follow procedures and protocols.

Like other emergency preparedness, cybersecurity needs to start at individual users and extend throughout a well-organized system led by those who appreciate its importance.

Related Videos
Semaglutide Ozempic injection control blood sugar levels | Image Credit: myskin - stock.adobe.com
Image credit: motortion | stock.adobe.com - Young depressed woman talking to lady psychologist during session, mental health
Image credit: JPC-PROD | stock.adobe.com - Choosing method of contraception : Birth control pills, an injection syringe, condom, IUD-method, on grey
Semaglutide Ozempic injection control blood sugar levels | Image Credit: myskin - stock.adobe.com
Health care provider examining MRI images of patient with multiple sclerosis -- Image credit: New Africa | stock.adobe.com
Related Content
Image credit: sdecoret | stock.adobe.com

FDA Approves Vedolizumab for Maintenance Therapy to Treat Crohn Disease

April 19th 2024
Article
Pharmacy Focus: Policy Edition - Discussing the DRUG Act and PBM Reform

Pharmacy Focus: Policy Edition - Discussing the DRUG Act and PBM Reform

April 5th 2024
Podcast
United States America healthcare medical concept - stethoscope on American flag - Image credit: MargJohnsonVA | stock.adobe.com

Gap in Medicaid Impacts Access to Services for Justice-Involved Patients

April 19th 2024
Article
Pharmacy Focus: OTC Contraception and Reproductive Health

Pharmacy Focus: OTC Contraception and Reproductive Health

March 29th 2024
Podcast
Condoms and birth control pills in purse on pink background, top view with space for text. Safe sex - Image credit: New Africa | stock.adobe.com

OTC Contraception Opens New Opportunities for Counseling Patients

April 18th 2024
Article
Man sleeping in bed wearing CPAP mask | Image Credit: sbw19 - stock.adobe.com

Tirzepatide Demonstrates Reduction in Sleep Apnea-Relate Events

April 18th 2024
Article
© 2024 MJH Life Sciences

All rights reserved.