Now is the Time to Improve Cybersecurity Protocols

As hospitals and other healthcare facilities invest in new technologies, it is essential that managers stay on top of cybersecurity.

By Mackenna Moralez

Whether it is having to enable multiple-factor authentication on social media accounts or major plot lines in television shows, the world is more aware of cybercrimes than ever.  

In February, the Cybersecurity and Infrastructure Security Agency (CISA) issued a “Shields Up” message to all U.S. organizations, including hospitals and other healthcare facilities. The message urges organizations to take immediate steps to enhance their ability to detect and protect against cyber intrusion as the Russian invasion into Ukraine continues.  

While there is no current threat to Americans, it is essential that everyone remains alert when it comes to cybersecurity. CISA recommends the following steps to ensure protection:  

  • Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Enable logging in order to better investigate issues or events.  
  • Confirm that the organization’s entire network is protected by antivirus and antimalware software and that signatures in these tools are updated.  
  • If working with Ukranian organizations, take extra care to monitor, inspect and isolate traffic from those organizations, and closely review access controls for that traffic.   

Despite consistent urges from shareholders to beef up their security operations, the global cybersecurity workforce is 65 percent smaller than it should be, according to a study by (ISC)2.  In the next 12-24 months, cybersecurity will need to be prioritized within all organizations.  

A study by ExtraHop found that 85 percent of surveyed organizations reported a ransomware attack within the last five years. Meanwhile, 74 percent reported having several attacks against their organization. Hospitals and other healthcare facilities are a key targets because they have a high number of electronic devices, IT systems are outdated, and healthcare staff are too busy to stay updated on  cybersecurity training. 

“Research reveals that organizations have already experienced tremendous challenges related to their cybersecurity, and unfortunately, more impacts are on the horizon,” says Anthony Gadient, CEO, Synaptic Security in a press release. “At the start of 2021, companies were struggling to handle the increasing complexity of cyberattacks. New vulnerabilities have further impacted organizations’ preparedness levels, putting them in a more vulnerable state or leaving them even further behind. It’s urgent for organizations to close this cybersecurity gap as it threatens other top business initiatives.” 

Attacks against healthcare facilities are making it harder to distinguish between real and phishing attempts. Every second counts when an initial threat is made, yet many healthcare facilities do not have the proper means to fight off an attack. While most organizations agree that it is good to disclose ransomware attacks, only 39 percent of ExtraHop respondents said they were completely transparent about attacks, according to the report. However, the longer a healthcare facility delays disclosure, the more negative impacts it faces as patients and families will lose trust in its ability to care for them properly.  

It is up to hospitals and other healthcare facilities to ensure that their patients’ personal information is safe. Managers must regularly communicate with residents and patients about the way their data is being used, stored, shared and protected. Having an open dialogue helps build trust within the facility and can bring in more patient recommendations.  

“Organizations must be vigilant and implement incident-response plans, actively monitor their systems and data and evaluate the security aptitude and quality of their third-party partners and service providers,” says Michael Borromeo, vice president of data protection with Stericycle. “Implementing proactive information security practices, procedures and controls must be a part of every healthcare organizations’ operational strategy. It is non-negotiable, as human lives are literally on the line.” 

Mackenna Moralez is assistant editor with Healthcare Facilities Today. 

March 8, 2022

Topic Area: Information Technology , Security

Recent Posts

Selecting the Right Team for Healthcare Projects

Focusing on key criteria ensure design and construction teams deliver a facility that is safe, functional and tailored to a specific healthcare setting.

How the Ascension Ransomware Attack Happened

An employee mistakenly downloaded a malicious file.

Community Health Network Announces New Central Indiana Campus

The new 425,000-square-foot facility is expected to be completed in mid-2026.

Lighting and Wayfinding: Keys to Senior Independence

Lighting can make wayfinding more manageable in senior living communities.

RUHS and PMB Break Ground on The Wellness Village Project

The 445,000-square-foot integrated health village is slated for completion in 2026.


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.