An EHR Systems Check-Up: 3 Use Cases for Updating Cyber Hygiene
Have you ever wondered how much your patient health record could garner on the black market? Whereas a cybercriminal only needs to shell out a mere dollar for your social security number, your electronic health record (EHR) is likely to sell for something closer to the tune of $50.
This is according to research firm Cybersecurity Ventures, who also projects healthcare cybersecurity spending to reach a cumulative $65 billion globally between the years 2017 and 2021. The healthcare industry has to shell out so much of their budget toward cybersecurity because of a few areas in which its systems are severely lacking.
Challenges in Healthcare Cybersecurity
This year’s Verizon Data Breach Investigations Report found that healthcare is the only vertical suffering from more insider breaches than external breaches. It’s not that doctors and nurses are spending their days slinging EHR files on the dark web: Much of the insider threat in healthcare is about a lack of basic cyber hygiene.
When foundational cyber hygiene practices like privilege escalation monitoring and security configuration management aren’t in place, human error takes the reigns.
Doctors put years of their life toward becoming medical experts, but the digitized nature of the systems they interact with daily demands that their training include a basic understanding of cybersecurity, as well — and they’re by and large not getting that training. And security teams at healthcare organizations are often lacking the tools and solutions they need to maintain HIPAA compliance, reduce the overall attack surface of their systems, and continuously monitor for vulnerabilities.
Let’s take a look at three use cases for dealing with some of the most pressing cybersecurity issues faced by the healthcare industry today.
1. Achieving System Hardening and Standards Alignment
Problem: You don’t use an internal hardened build standard to verify against (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Troy Thompson. Read the original post at: https://www.tripwire.com/state-of-security/healthcare/ehr-systems-cyber-hygiene/