While cyber security breaches continue to top headlines across industries, it seems that hackers have taken a special interest in the healthcare industry. According to Healthcare’s Electronic Protected Health Information (ePHI), patient medical records can be sold for as much as $100 each on the Dark Web. This lucrative market is continuing to provide the demand side of the equation that fuels hackers to exploit a poorly protected industry.As patient information becomes more readily available in digital format and both medical staff and patients use IoT devices more frequently, security risks continue to increase. Often, professionals access these records from personal devices for the sake of convenience without any policies or encryption in place.The 2017 State of Privacy and Security Awareness Report found that 78 percent of healthcare employees showed some lack of preparedness with common privacy and security threat scenarios.With the healthcare industry continuing to become more intertwined with technology, so too should security become more integrated into each medical professional’s training. Often, those professionals are susceptible to phishing and ransomware, meaning that had basic security training been in place, many incidents could have been prevented.“Beyond training geared toward HIPAA compliance, healthcare employees need a comprehensive approach to awareness education that includes security and privacy awareness,” researchers explained. “Keeping within HIPAA regulations, while vital, does not educate users on how to spot a phishing attack, for example. Additionally, mere compliance does not equate to a fully security-aware culture.”A recent HIMSS survey shows that ransomware was the top cyber security trend in the industry, affecting 78 percent of providers. Looking to recent events like the WannaCry ransomware outbreak, we see that the problem goes beyond proactive security, but reactive as well. Organizations like Britain’s NHS hospital system failed to patch their vulnerable systems quickly, causing widespread damage.At Cybrary, we’re committed to making free resources available to professionals in every industry. For medical professionals, we offer a FREE HIPAA Course
as well as an End User Security Awareness Course.
That said, the scope of HIPAA expands beyond doctors and nurses to include HR staff and third-party administrators, providing them the information necessary to be compliant. The Cybrary HIPAA cours
e is designed to instill the principles involved in data system security procedures.In addition to providing free training for medical professionals, Cybrary is also making an effort to attend more healthcare related events. This year, you can meet the team at the HIMSS Conference in Las Vegas
, which brings together 45,000+ professionals from around the world for five days of education, innovation, and collaboration to help uncover the promise of health information and technology. Cybrary will be at booth 8500-22 in the Cyber Command Center from March 5th
.On March 7th, Cybrary COO Kathie Miley will address the solutions to the cyber security talent shortage. "The Mystery Behind the Cyber Skills Gap: Solved
" examines why there is such a severe shortage of skilled cyber security professionals. This discussion will center on data from Cybrary's De-Classified Report, which surveyed over 3,100 Cybrary members. Discover what the key findings of the report indicate for the industry if immediate action is not taken.Olivia Lynch (@Cybrary_Olivia)
is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the field of cyber security. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.