PODCAST: AHA's Cybersecurity Leader John Riggi on the Evolving Cyber Threats Facing Healthcare
Within the healthcare industry, cyber threats are constantly evolving as the threat landscape changes, and executive leaders at patient care organizations all face the same daunting challenge of protecting information systems and patient data.
A recent report found that cyberthreats are continuing to increase and shift, and even though ransomware attacks are significantly declining, cyberattacks overall are on the rise. A Protenus Breach Barometer report found that 3 million patient records were breached in the second quarter of 2018 alone. At the same time, an IBM Security study found that the cost of a data breach for healthcare organizations continues to rise, from $380 per record last year to $408 per record this year. Overall, the healthcare industry continues to incur the highest cost for data breaches compared to any other industry.
Another report based on a survey of hackers uncovered some alarming results: about a quarter of hackers surveyed say they can complete a breach of a hospital or healthcare organization under five hours.
On top of all that, recent high-profile healthcare cybersecurity incidents in the past few months serve as a stark reminder that the healthcare industry continues to be a ripe target for attacks. One cyber attack on Singapore’s public health system, SingHealth, breached the records of 1.5 million people and targeted the country’s prime minister. The breach impacted about a quarter of Singapore’s population of 5.6 million people.
John Riggi, who serves in the newly created role of senior advisor for cybersecurity and risk with the American Hospital Association (AHA), sees the cyber threats against healthcare increasing in severity, complexity and frequency. Prior to his role at AHA, Riggi spent nearly 30 years with the FBI, including in the cyber division.
Riggi dives into the evolving cyber threats facing the healthcare industry right now, including sophisitcated criminal organizations, nation-state actors and cryptocurrency mining malware. Case in point, the incident of cryptocurrency mining on healthcare networks and other critical infrastructure networks increased by 1,000 percent from late 2017 to the present, Riggi says. He also discusses the implications of recent high-profile cyber incidents such as the hack at SingHealth.
The podcast runs about 13 minutes in length. You can listen to all Healthcare Informatics podcasts right here.