Thursday, September 24 | Thought Leadership, Human Services, Post-Acute Care

5 Strategies to Increase Cybersecurity at Your Healthcare Organization

By Netsmart

With a 3,987%1 increase in COVID-19-related phishing attempts reported since March 1 of 2020, prioritizing cybersecurity is a must for the successful provider. While this number represents an increase across all verticals, healthcare organizations are extremely vulnerable to these targeted attacks due to the inherent value of healthcare data and its historic vulnerability. 

 

Healthcare organizations are often at risk of cyberattacks due to both a lack of dedicated IT resources to support continuous monitoring and reliance on traditional reactive approaches, such as antivirus and firewalls, to detect and prevent known threats. Given the speed with which adversaries can move within in an organization, a breach can infect devices across an entire network within minutes. In some cases, attackers occupy systems for months before launching a progressive attack.

 

As many healthcare organizations transitioned to remote work structures in the wake of COVID-19, organizations faced increased challenges securing endpoints outside of organizational firewalls. As a result, cyber attackers focused their efforts on these susceptible, external systems.

 

To aid organizations in protecting against these adversaries, Netsmart sponsored the webinar “Cybersecurity and healthcare: Defending your data” with Binary Defense Co-Founder and Chief Technology Officer, Dave Kennedy.

 

Learn five strategies all healthcare organizations should employ to protect against cyberattacks. 

 

1. Multi-factor authentication

 

Multi-factor authentication refers to the authentication method that requires the user to provide two or more forms of verification to gain access to a system.

 

For Kennedy, multi-factor authentication is the most important practice to implement in any environment. “While multi-factor identification won’t always stop hackers penetrating your organization,” said Kennedy, “it will stop credential re-use issues.”

 

By implementing this process, organizations can ensure a more complex access path, limiting the likelihood of a hacker gaining entrance. 

 

2. Endpoint detection and visibility 

 

Endpoint detection refers to the practice of safeguarding the data and workflows of individual devices that connect to your network. By identifying and securing these devices, you can ensure an additional layer of security as your team works from home or from a conventional setting. 

 

With increased visibility into your infrastructure, you can quickly identify and defend against cyberattacks. Incorporating a 24/7/365 security operations center (SOC) into your information security strategy allows for continuous monitoring by expert analysts for any attackers attempting to penetrate your infrastructure. 

 

Increased visibility and around-the-clock monitoring permit a human analyst to identify threats in real-time, provide security alarm notifications and, if needed, contain the threat by isolating the infected device. This blocks damage by reducing spread across your entire network. 

 

3. Network architecture and segmentation

 

By assessing your network architecture, Kennedy explains that you can identify potential points of unnecessary system linkage. Through a structural analysis, organizations can ‘segment’ or isolate systems, so if a device is hacked in your finance department, the spread stops there instead of moving across the enterprise. 

 

4. Cloud services security

 

While many organizations have migrated to cloud-based structures, this move reduces visibility to what is happening within the cloud.

 

By implementing a cloud services security strategy designed for healthcare, organizations adopt a set of policies, controls, procedures and technologies that work in tandem to protect cloud-based systems, e.g. electronic health records. 

 

5. End-user education and awareness 

 

As employees continue to work from home, Kennedy argues that “it is vital to protect users, to make sure they are educated.” 

 

With a vast array of unfamiliar technologies now indispensable for remote support and function, employees must be educated on VPN use, routers and firmware updates. Without this continuing education, an important frontline in your organization’s cyber-defense strategy is weakened.  

 

Working in conjunction, these five strategies can dramatically improve your organization’s cybersecurity posture reducing the risk of a HIPAA breach or disruption in the provision of care. 

 

To learn more about protecting your organization from the threat of a breach, watch the webinar in its entirety here.

 

1 Binary Defense

 

 

Meet the Author

Netsmart - color - PNG
Netsmart ·

From the CareThreads Blog

Webinar Recap: What’s Next for MCOs After EVV Compliance

Wednesday, September 28 | Value-based Care,Thought Leadership

As the upcoming EVV compliance timeline is quickly approaching, we thought it would be interesting to discover how the initial phase and implementation of EVV has affected managed care organizations (MCOs), and their provider networks. This blog recaps a recent Netsmart webinar that addressed the details of this topic with the talented Dr. Melissa Berdell, Director Fraud, Waste and Abuse at Highmark Wholecare.

More

Question, Persuade and Refer: The Importance of Suicide Prevention Training 

Wednesday, September 21 | Human Services

By understanding mental health and suicide go hand-in-hand we can take the first step in reducing suicide risk and help heal our families, friends and loved-ones heal and grow forward as a community.

More
CareThreads Blog Stock Image for SiteCore (370 × 158 px) (1)

Part 5: Current State of Peers in the United States - Demographics and Economic Impact

Monday, September 19 | Human Services,Thought Leadership,Value-based Care

In our most recent blog, The Role of Peers and Mutual Support in Alcoholics Anonymous, we discussed the fascinating history of Alcoholics Anonymous and its contributions to today's health care continuum. Evolving in parallel to the mental health peer movement, AA and its affiliate organizations, e.g., Narcotics Anonymous came to identical conclusions about the unique value of mutual support. Join Denny Morrison, as he unpacks how often peers are used, how they are credentialed and how they affect the economics of health care in the United States.

More