The HIMSS21 Healthcare Cybersecurity Forum took place Monday, Aug. 9. Almost all the sessions had two common themes when it comes to cybersecurity: collaboration and proactivity.
The panelists on the “Healthcare Cybersecurity Leadership Panel: State of the Industry”—Sri Bharadwaj, vice president of digital innovation and applications at the Mishawaka, Ind.-based Franciscan Alliance; Leon Lerman, cofounder and chief executive officer at the New York, New York-based cybersecurity platform Cynerio; and Adam Zoller, chief information security officer at the Seattle, Wash.-based Providence—all agreed that clinical devices continue to be the biggest threat to a health system's defenses.
Collaboration and being proactive includes involving third-party vendors. Bharadwaj commented, "Make sure you have a conversation with the vendors to understand what they're doing, if you don't have that dialogue, you're more vulnerable."
In a later session, “Are Your Endpoints Secured and Ready for a 5G World?,” Theresa Lanowitz, head evangelist at San Mateo, Calif.-based AT&T Business – Cybersecurity and Keith Weisman, senior director, systems engineering at Mountain View, Calif.-based SentinelOne, presented some highlights from the 2021 AT&T Cybersecurity Insights Report.
Some of those highlights include:
- Eighty-three percent concerned about the threat of web application attacks
- Sixty-seven percent executing or have completed a Zero Trust implementation, with 27 percent researching
- Fifty-seven percent who already completed IoT implementation believe devices will increase because of 5G and edge computing
- Fifty-two percent believe threats are a significant challenge to the availability and integrity of networks
Further, the report page states, as did Lanowitz and Weisman in their presentation, “Teamwork between IT and business leaders is key to a business' ability to grow and remain competitive.”
That said, the report also touches on preparedness noting that “One way to bolster courage is to prepare for and start planning the necessary changes for network security as transition moves relentlessly toward true 5G. The current security firefighting method has been necessary, but over time, in a newly minted, software-defined, and virtualized 5G plus edge network, organizations have options to protect their businesses in a better way.”
Additionally, “Network operators have designed 5G with better encryption and network slicing capabilities. But 5G requires a shared security responsibility, much like that in the public cloud. Every organization must keep that in mind.”
Overall, the collaboration and the proactivity themes were clear. The importance of clinicians working together with other leaders in their organization (and third-party vendors) to start being proactive and prepared will save businesses money, as when the network goes down due to a cyberattack the organization loses potential income. And more importantly, patient care and patient safety are delayed.
