Managing healthcare cybersecurity in 2020 pt.1

With significant data breaches hitting the headlines each year, healthcare cybersecurity is a major and expanding area for investment. Some experts predict the market will grow by almost 20% over the next five years, and it’s not difficult to see why.

Healthcare managers must protect significant, decentralised systems containing vital personal data relating to millions of people. Post-GDPR, the consequences of failure are severe.

Cybercriminals constantly seek to gain access to this information – especially as many consider healthcare institutions to be soft and slow-moving targets. This data also has significant value on the dark web.

There are also many avenues of possible vulnerability – from data breaches, vandalism and extortion to so-called C-suite attacks, AI-driven malware and assaults from the computing cloud.

What’s more, significant outsourcing, third-party arrangements and personal device use provide further layers of cybersecurity complication (and potential exploits for criminals). Good cybersecurity combines the right technical barriers with the right culture and staff mindset, since most attacks exploit some kind of human interaction.

Growing IoT connectivity presents a further nuance to the cybersecurity challenge. The stakes could scarcely be higher here – directly impacting patient health, safety or even mortality. Healthcare leaders must ensure vital hospital facilities and power supplies can’t fall into the wrong hands – not to mention control of smart medical devices and implants.

It’s widely accepted that healthcare has lagged behind other industries when it comes to cybersecurity, and that the industry needs to close the gap. A 2018 PwC report concluded only 36 percent of global healthcare organizations have access management policies, and just 34 percent have a cybersecurity audit process.

Aside from protecting existing structures and safeguarding patients, optimized cybersecurity also helps to remove widespread barriers to innovation in the digital health space. Successfully addressing the challenge truly calls for a combined view of both the micro and macro issues.

The Compliance Navigator blog is issued for information only. It does not constitute an official or agreed position of BSI Standards Ltd or of the BSI Notified Body. The views expressed are entirely those of the authors.