Cyber Security in Health Care Still Struggling: What You Should Know
March 18, 2019
The health care industry is still having a hard time getting its cyber security under control, despite ongoing knowledge that the sector is among the most vulnerable to attack compared to most others. It’s worth examining why the health sector faces these challenges and what can be done to remedy the problems.
The Medical Sector Experiences Twice the Number of Attacks as Others
According to statistics, there are approximately twice the number of attacks in health care as other industries. One of the reasons for this is that many health systems have broad reach. An incident that originates in one state or country may spread much further than a single location, thereby making the results more substantial for hackers.
Research also shows that health care facilities are not adequately prepared against cyber attacks. According to one investigation, only 33 percent of local health departments had a plan to respond to cyber attacks.
Hackers Know They’ve Seized Urgently Needed Material
Due to the number of people who use health facilities and the sensitive data contained within, hackers know that these targets could result in higher-than-average payoffs for successful attacks. They also realize that, in the case of ransomware attacks, the victims may be so desperate to retrieve the data that they will pay the ransom.
Once hospitals are alerted to the issue, their systems are often completely shut down for days, forcing providers to switch to pen and paper systems. Fortunately, facilities can limit the access hackers have to patient files. These steps don’t guarantee cyber criminals won’t gain access, but they could limit their damage.
These Attacks Disrupt Patient Care
Some cyber attacks are so severe that they prevent hospitals from adequately caring for patients. Because of the risk of hackers targeting not only patient records but also the devices used to treat patients, the U.S. Food and Drug Administration (FDA) unveiled a new action plan to secure medical devices. The organization also aims to create more oversight in the industry and wants to enforce mandatory software patching when needed.
There’s a Lack of Resources
Despite a rise in IT spending at hospitals, the average amount devoted to IT is still only from two to four percent of an overall budget. Also, many hospitals intend to implement newer, better tech but have yet to do so.
Data published in 2017 shows that there are only 5,564 medical facilities in the United States. When niche developers serve those customers, they may not have the resources to update their applications with sufficient frequency.
How Should Hospitals Respond?
The rising number and type of potential cyber attacks are challenging for health care facilities. However, automated threat detection could detect strange network traffic and alert IT representatives before infiltrations become more severe. It’s also necessary for health facilities to stay aware of industry trends.
Finally, hospitals must realize that improving cyber security is not something that can occur quickly or through a one-time effort. Ongoing diligence and investments are needed to keep threats at bay and reduce the likelihood of attacks that cause extensive downtime.
To learn more, visit https://staysafeonline.org/blog/cybersecurity-health-care-still-struggling/