In the wake of unprecedented security breaches across the healthcare sector, providers and health systems are urgently reassessing their cybersecurity strategies to mitigate the devastating impacts of these incidents. In partnership with Becker’s Healthcare, Rectangle Health convened a panel of industry experts to dissect the evolving threats to healthcare organizations and to offer actionable steps for minimizing risks and enhancing recovery processes.
The webinar, “Post-Disruption Defense: How to Safeguard Healthcare Operations in the Era of Cyberattacks” is free to view on-demand and contains vital insights for how to keep your healthcare organization protected in this time of elevated risk. Here are five key takeaways:
#1 – Understand the Evolving Risks to Healthcare Cybersecurity
Gary Salman, CEO of Black Talon, a cybersecurity firm that specializes in healthcare, highlighted that according to the FBI and Department of Justice 2023 Digital Crime Report, healthcare has emerged as the industry most targeted by cybercriminals. He described the adversaries as “highly technical, highly organized, sometimes government-oriented hacking groups with access to some of the most sophisticated code.”
Cyber threats are accelerating in frequency and complexity. Whereas cybersecurity assessments were conducted quarterly just a few years ago, today’s necessity for multiple daily assessments illustrates the rapid evolution of cyber tactics.
The long-term consequences of cyber breaches extend far beyond immediate operational disruptions, which can now last from two to six weeks. Organizations must potentially navigate HIPAA violations, substantial financial penalties, potential class-action lawsuits, impacts on mergers and acquisitions, and the loss of patient trust and retention.
#2 – Assess Your Attack Surface
The attack surface of a healthcare organization encompasses all potential entry points for cyber threats, which may be physical, digital, or social. As organizations expand, so does their tech stack and, consequently, their vulnerability to attacks.
Brian Colao, director of the DSO Industry Group at the law firm Dykema, underscored the complexity of managing third-party risks: “Medical groups must handle multiple layers of third-party interactions, but the ultimate responsibility for breaches falls on them, regardless of the source.”
Third-party services and tools represent a critical area of vulnerability. As Gary Salman noted, “Even if you’ve secured your systems, breaches in third-party services can still compromise your data. It’s vital to continuously assess these relationships and ensure that these entities adhere to stringent security standards.”
#3 – Engage Third-Party Cybersecurity Specialists
While in-house IT departments are an essential element of your organization’s cybersecurity posture, the increasing sophistication of cyber threats can put a tremendous strain on internal teams. Engaging third-party cybersecurity specialists can provide a deeper level of security analysis and proactive defense measures.
Mike Peluso, Chief Product and Strategy Officer at Rectangle Health, advocates for the strategic investment in cybersecurity expertise: “The cost of engaging external cybersecurity experts is minimal compared to the potential losses from a single breach. These specialists can identify and mitigate risks that might not be apparent until an actual attack occurs.”
Peluso further explains the role of third-party specialists in creating robust defense mechanisms: “They simulate potential attacks, testing the resilience of systems under stress, and helping to craft bespoke strategies that guard against both current and emerging threats.”
#4 – Establish a Business Continuity Plan
Along with observing best practices, organizations should have a plan in place in the unfortunate event of a breach. Even the first-order effects of a security incident can put tremendous strain on a business, as Mike Peluso notes: “If an attack happens, you have an acute loss of EBITA. That’s two to three weeks of lost revenue, if everything goes right, and if a few things go wrong, it could be a couple of months. Losing that type of EBITA is just horrible for an organization.”
A comprehensive business continuity plan is crucial for maintaining operations during and after a cybersecurity incident. This plan should include protocols for rapid response, data recovery, and keeping critical operations running without interruption.
Partnerships with third-party security firms are essential for regular system assessments and as a point of contact during emergency responses. Adequate insurance coverage is also critical to mitigate financial losses in the event of a breach.
Additionally, diversifying revenue streams can help buffer the financial impact of operational downtimes caused by cyberattacks. This strategy is increasingly vital as the frequency and severity of cyber incidents within the healthcare sector continue to rise.
Wrapping Up: Building a Culture of Security at your Organization
Achieving robust cybersecurity in healthcare requires more than technological solutions; it demands a holistic approach and a culture of security awareness. As Gary Salman aptly puts it, “Security is not just about the tools you deploy — but about the proactive strategies and preparedness of the entire organization.” So, wherever your organization falls on the spectrum of cybersecurity preparedness, it is always worth assessing your security posture and taking steps to address problems before they start.
Is your organization prepared to withstand the evolving threats in today’s cybersecurity landscape? Take the first step toward finding out with our free HIPAA Gap Assessment, which offers a comprehensive evaluation of your organization’s compliance vulnerabilities and a compliance risk score, along with actionable steps to ensure long-term peace of mind.