The word "cyberattack" often conjures up images of a hacker stealing shoppers' credit card information from a retailer. And it's true, these data breaches do happen, often with a price tag of millions of dollars. But this is far from the only cybersecurity risk out there.
Cybersecurity is a top concern for the healthcare sector right now in particular, thanks in part to the rising popularity of the Internet of Things (IoT). Healthcare moving online can be a great thing for patient outcomes but a risk in terms of protecting patient records and healthcare devices. Cyber healthcare requires a new approach to cybersecurity, one that blends savvy preventative measures with cyber insurance to handle the aftershock of a hack.
Here are three angles that demonstrate why cybersecurity is a hot button issue in healthcare right now.
More Devices, More Risk
Medical practices used to have to worry about encrypting their computers; now they have to protect internet-connected medical equipment and mobile devices as well. These could range anywhere from insulin pumps to heart monitors, fitness trackers and more.
One recent healthcare survey showed, while 68 percent of physicians and 74 percent of patients agree that "the benefits of connected medical devices outweigh the risks," support for cybersecurity risk management standards across the healthcare industry is even higher (84 percent of patients and 87 percent of physicians agreed).
The potential for the IoT to transform healthcare is abundant, but only if cybersecurity standards are in place across the board to protect practices and patients. And right now, they aren't.
Frequency of Attacks Is Rising
Even when organizations expect cyberattacks, they aren't necessarily ready to handle them. The 2017 ISACA State of Cybersecurity Study found that 53 percent of security leaders reported an increase in cyberattacks in 2016 compared to the year before-more IoT adoption in healthcare, more potential entry points for hackers. Not even one in three organizations (31 percent) responded that they routinely test their security controls, 13 percent never test them and 16 percent have no incident response plan if a cyberattack does occur, reports Healthcare IT News.
Time Is of the Essence
Take a wild guess at what a former acting CIA Director called the second-largest and fastest-growing threat to the U.S. (after international terrorism). If you guessed cybersecurity, you're absolutely correct. As CyberScoop reports, Michael Morrell along with the former Homeland Security Secretary, Michael Chertoff, "noted the [healthcare] sector's exposure to ransomware, data theft and disruption of connected devices."
Both the public and private sectors must develop and implement cybersecurity procedures that center around preventing cyberattacks, reducing damage and protecting patients. Employee training, encrypting all devices and computers connected to the IoT and regularly testing security are all good starting points for healthcare providers.
And of course, cyber insurance for healthcare helps organizations with costs related to investigating breaches, supporting patients, covering lost income during hack-related downtime and more. Interested in insuring your practice in the face of rising cyber vulnerabilities? Start with a quote from CyberPolicy.