888-530-9596

Is Cybersecurity A Team Sport?

security-policies

Isn’t healthcare a team sport? Could you imagine working on a patient in a vacuum with no help? You’d have to know everything, fill many different shoes and never have time to do anything other than work.

Think of all of the folks your organization depends on. You have billers, coders, accountants, not to mention all of the people in lab, radiology, dietary and other support roles. Without an entire team of people, your hospital or clinic would not deliver as effective care.

Cybersecurity is no different. As I’ve alluded in several of my recent talks, I see cybersecurity completely as a team sport.

What if your hospital had a cybersecurity plan that only one or a handful of cybersecurity ‘experts’ handled. What would happen if they controlled everything without any feedback from other members of your team?

You might have some serious headaches on your hands! Just thinking of email, I could imagine a security team that didn’t understand or want to actually understand how other members of your team used their email, your team probably would struggle not being able to effectively communicate.

In cybersecurity information sharing is key.

Especially in healthcare security, facilities should be collaborating with information systems and security team members to respond to new threats.

In the current environment where cyberattacks are specifically targeting rural healthcare, we can no longer afford to go at security alone—relying on one or a handful of security specialists to keep hundreds of workers safe. We cannot simply operate as individuals, in a silo without guidance from other departments.

On the other side of the table, hackers are actually collaborating on new offenses—and sometimes are even working with the support of foreign governments. Can we as healthcare organizations rely simply on information security departments alone to fend off all attacks?

Security experts are underscoring the need for a collective defense in a landscape consisting of a collective offense.

What do I mean when I say coordination is the best defense?

We have found that the majority of hospitals and clinics lag behind when it comes to connecting security to users. What I mean here is not having any real-time monitoring or information sharing across your teams and departments.

As threats become more robust, focusing on specific users or roles in your organization, we need to open up channels to help teams understand about how security will impact user experience. We need back and forth dialogue across your entire team on where their role in security falls and how they can empower themselves to keep your network and data secure.

The only way to data security in the modern age is to get everyone on the same page.

While this concept is not new, it is a growing need.

The state of healthcare lags well behind other industries. Recent studies have ranked healthcare cybersecurity at the end of the pack behind other organizations when it comes to shoring up data breaches and cyberattacks.

It might be partially related to the volume of sensitive data we have to work with day in and day out. But experts are underscoring our responsibility and need to keep our patients safe. We all have one mission in keeping our communities healthier. Healthier in mind and body. Cybersecurity can help in ensuring the health of our patients’ and teams’ information.

But it goes much farther than that. What happens when news of a hospital or clinic data breach goes public?

Recent findings show that people tend to stay home. If their information cannot be entrusted to doctors and other medical staff, their trust in getting help erodes too. Cybersecurity and attacks on rural healthcare is extremely concerning because many of the people we are trying to help are the ones that have few options when it comes to access of healthcare.

If our organizations aren’t completely on board with protecting their data and ensuring the privacy of their sensitive records, we won’t effectively be able to keep data private.

The way many organizations are approaching IT security has been like playing a game of Whac-a-Mole. They’re trying to cover every hole when they are discovered. What scares me is when the game gets harder (when there are dozens of moles in the game), people start making mistakes and losing track of their mission to keep your network secure. When your IT team is inundated with user issues or printer problems, are their heads focused on making sure your network is patched or system is secure? Probably not.