Governance, training and, yes, monitoring can go a long way to reducing a system’s risk, expert says.
A healthcare organization’s workforce is its greatest cybersecurity threat, but there are reliable steps organizations can take to lessen the risks, said Kurt Long, founder and CEO of FairWarning, a cybersecurity firm that protects patient information in more than 8,000 healthcare facilities worldwide.
“People are the greatest vulnerability statistically, whether it’s the Verizon breach report, the IBM breach report, or any other survey being conducted, statistically it is obvious the workforce is untrained and vulnerable,” Long said. “Most of these breaches start by an inside user making a mistake. But 45 percent of all the breaches in the IBM breach report were malicious insiders. The solution is much more holistic than the industry currently thinks, and until we wrap our hands around the people problem, there is no amount of technology that is going to make a dent in breaches.”
Luckily, there are a variety of approaches that healthcare organizations can take to tackle the people problem.