July 9, 2015 – Hackensack, NJ – As important as digital security measures are in any industry, they are becoming increasingly so within healthcare environments, which, according to the former NSA tech director, have become prime targets for cybercriminals.
In an article featured on Healthcare IT News, Richard George, who spent 41 years with the U.S. National Security Agency, stresses that healthcare organizations need to come to terms with this reality—and quickly. In fact, slack security cost U.S. hospitals an estimated $1.6 billion in 2014, with 61 percent of healthcare organizations nationwide reporting at least one security-related incident that year, according to a health IT report by MeriTalk, an organization that aims to improve governmental information technology.
Interconnectedness between systems, while becoming increasingly necessary, is a major reason for the industry’s vulnerability to cyber-attacks. George explains that every action taken by each person on a hospital’s network—often including a wide variety of individuals, such as physicians, students, professors and researchers—is a “risk management decision,” but most people don’t realize they’re making such decisions or understand what their impact could be.
“There are very few places where you can insert malware into a network that causes people to die,” George says. “But a hospital is a prime example.”
There are innumerable motivations for cybercriminals to target healthcare organizations. A very serious example George points to is how electronic medical records could be appealing targets for terrorists, as this information could offer the possibility for causing deaths. Given these tremendous risks, George urges healthcare organizations to take the appropriate precautions to protect their data and not skimp on security.