Upload
matthew-j-mcmahon-
View
86
Download
0
Embed Size (px)
Citation preview
Rhode Island Corporate Cybersecurity Initiative
Cybersecurity and Healthcare
Why is Cybersecurity Important?
Hospital Hacks on the Rise
• In 2014, 40 percent of healthcare organizations reported being attacked by malware designed to steal data.
• In 2015 the stats are closer to 90 percent.
• In August 2015 , Websense reported a 600 percent increase in cyber attacks on hospitals over the previous 10 months.
• Under federal law, hospitals are only required to report potential medical data breaches involving more than 500 people.
http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.htmlhttps://www.technologyreview.com/s/533631/2015-could-be-the-year-of-the-hospital-hack/http://www.insurancejournal.com/news/national/2015/05/07/367165.htm
Why the Increase in Attacks?
• Medical organizations across the world are switching to electronic medical records, and computer security is not always a high priority.
• Health care providers in the US have a monetary incentive to switch to digital medical records under The Health Information Technology for Economic and Clinical Health (HITECH) Act.
• But with all of this progress the healthcare sector is "woefully behind" in terms of cyber preparedness. - Forrester Analyst Stephanie Balaouras
https://www.technologyreview.com/s/533631/2015-could-be-the-year-of-the-hospital-hack/http://www.medicalrecords.com/physicians/the-national-digital-medical-records-mandate-arrahttp://blog.trendmicro.com/why-is-the-health-care-industry-so-behind-on-cyber-security-part-1-of-2/
Incentives for Attackers?
• Experts at Reuters suggest that medical information is 10 times more valuable than a credit card number on the black market.
• Hackers use stolen data to create fake IDs to buy medical equipment or drugs that they can resell.
• Hackers also may use a patient number with a false provider number to file fraudulent claims with payers.
http://www.beckershospitalreview.com/healthcare-information-technology/medical-records-10x-more-valuable-to-hackers-than-credit-card-information.html
Siemens Healthcare Customer Advisory Board
• In October of 2015 Siemens Healthcare Diagnostics invited the heads of cybersecurity from 20 different hospital organizations both large and small to the Siemens VIP Center in Disney.
We Asked a Simple Question
• “What can we do to help your organization be more secure?”
• What we learned was profound.
• The hospital security team was unsure where their responsibility ended and Siemens began.
• Are they responsible for securing our medical devices?
• Is Siemens responsible for securing their networks?
Who’s Responsible for Keeping us Safe?
• The Answer – We all are!
Why Are We Here Today?
• Security is the responsibly of every individual at the hospital from Nurse to CIO to third party vendor.
• We are entering a turbulent time merging the needs of the healthcare industry with the security needs of the digital age.
• We can wait for someone to tell us how to secure our private health information or we can step up, work together and shoulder that responsibility ourselves.
• That is why we are here today to open up lines of communication, to start a dialogue about security and to drive our industry into the digital age.