Social engineering and data theft are the most common cybersecurity threats facing organizations, according to a survey conducted by CHIME and Association for Executives in Healthcare Information Security (AEHIS).
“Cyber criminals are attacking us from nearly every angle,” said Marc Probst, chair of the CHIME board of trustees and CIO at Intermountain Healthcare. “We have to be extremely vigilant in educating our staff and our business partners on how to minimize the risk of an attack. We are only as safe as the weakest link along our networks.”
The survey, which included input from more than 200 chief information and chief information security officers, identified malware and ransomware as the top ways that cyber criminals are exploiting weaknesses. CHIME and AEHIS presented the findings on Wednesday to the HHS Cybersecurity Task Force, a group that is charged with analyzing the unique challenges and barriers to cybersecurity in healthcare.
What they found was that nearly 65 percent of respondents were somewhat confident or not confident at all that federal legislators understand the importance of security enough to support key policy initiatives being advocated by healthcare organizations. Respondents expressed a need for the federal government to develop tools for providers of different sizes and level of resources, as smaller organizations with limited resources often have a different set of needs than large health systems. They also called on lawmakers to adopt incentives that will encourage greater information sharing, including protecting organizations that voluntarily work to improve security across the delivery system from punitive government audits.
“We are all in this together,” Probst said. “New payment and delivery models are creating a more connected healthcare system than ever before, but we need our partners in the federal government to understand the risks that are out there and to work with us on finding common sense solutions.”
The HHS task force is expected to deliver its report on cybersecurity in healthcare early next year.