A nurse is scrambling for notes on a patient’s most recent assessment to confirm the proper dose of diphenhydramine and check for any updates on her condition. Once the nurse gets to his workstation and logs in to the internal computer system, he’s prompted with this:
Your data is inaccessible at this time. Submit a payment in the amount of 45 Bitcoin to receive a digital key to unlock your data. You have just 10 days to send us the Bitcoin. After 10 days, we will remove your private key, and your files will be permanently deleted.
As the IT professional, what do you do?
This situation parallels the harsh realities of cyber attacks, which are affecting all major industries in the world. Data security has been making headlines, especially in the national media, since large companies like Target and J.P. Morgan have been hit by cyber attacks.
Even more daunting, healthcare is one of the largest industries being targeted. A 2014 report from the Identity Theft Resource Center found that 42 percent of all cyber attacks occurred in healthcare. These attacks are devastating. The recent attack on MedStar hit the health IT world directly, acting as another recent reminder that the war for data is ongoing and not slowing down.
And the costs are staggering. A Ponemon Institute 2015 study found the net increase in cost of cybercrime is 82 percent over the last six years.
The safety of personal information and the high cost of breaches motivates a significant investment in beefing up security teams, not to mention the fact that such attacks could result in patients losing lives. The malware that hit MedStar prevented healthcare professionals from accessing crucial patient data, and even forced them to turn people away.
Needless to say, cybersecurity is one of the most important aspects of a strong health IT team. Let’s take a look at the role of security professionals, what the true costs and implications are of major cyber attacks, the various paths one can take in information security, and some tips for professionals looking for cybersecurity jobs: […]