Increasing Healthcare Cybersecurity With a Proactive Defense Strategy

March 4, 2021
Steve Fox

The healthcare sector has a well-known reputation for stringent privacy regulations to protect patients and clinicians. However, these regulations do not stop cybercriminals from preying on vulnerabilities. And, 2020 certainly provided a plentiful bounty of challenges, disruptions, and vulnerabilities. According to IBM’s 2020 Cost of a Data Breach Report, healthcare companies are “incurring the highest average breach cost of any industry: $7.13 million per incidence,” which is a 10% increase from 2019. Now, in 2021, experts predict cyberattacks against these institutions to increase by double or even triple.

Many healthcare institutions are already preparing to increase spending on cybersecurity measures over the next several years. As cybercriminals become more sophisticated and complex in their approach, healthcare IT security teams must be at the ready with a proactive defense strategy.


Ensure cybersecurity is a regular topic of discussion during executive or board meetings. Educate c-suite executives and administrators about existing and emerging security threats (e.g., ransomware, data breaches, malware). Review strategies for monitoring risk and response protocols should a threat become a reality. By holding a standing place at the leadership table for security discussions, your team will be better educated and equipped to respond quickly to new threats or risks.


Start with an audit of your existing infrastructure, security tools, vendors, training programs, and security policies and procedures. Through this comprehensive assessment, your team can quickly identify and prioritize points of risk within your systems and processes as well as external vendors.

Your team also can assess the effectiveness of existing training programs. Given that new information about cybersecurity innovations and cybercriminal activity is released on a continual basis, your training program also should be refreshed on a continual basis to remain effective.

When assessing your cybersecurity health, be sure to focus on the following nine key areas:

  1. Third-party vendor management (e.g., service provider risk)
  2. Security management (e.g., roles and responsibilities)
  3. Security architecture (e.g., deployment methodology, requirements)
  4. Threat and vulnerability management (e.g., emerging threats, assets)
  5. Identity management (e.g., authentication, access control)
  6. Awareness and education (e.g., security awareness, staff competence)
  7. Incident and crisis management (e.g., business continuity plan, monitoring, and detection)
  8. Regulations and policies (e.g., regulatory compliance, policies, and standards)
  9. Emerging technologies (e.g., new technology adoption, data protection)

Further, it’s important to invest in proactive precautions, including rotating backups, continuity plans, and regular system patching.


One clear method for assessing and addressing cybersecurity risk points is to start from the perimeter and work inward to the core. Laptops, mobile devices, and residential workstations are commonly thought of as endpoints. But in this scenario, we will view them as to start points, since these are typically points of entry for cybercriminals. The rise in telemedicine, for example, has created a potential point of risk for many healthcare providers, and by extension, their home base facilities.

Telemedicine is typically accessed from home, beyond the facility firewall, and via a cloud-based application. Phishing attempts and weak network security provide ample opportunity for cybercriminals to take advantage. Further, Security Magazine highlights, “Voice assistants, connected home devices, even refrigerators have Internet connections these days, making them easy points of entry to penetrate private networks and reach endpoints.”


The easiest way for a cybercriminal to gain access to your system is to take advantage of weak links in your system or network accessibility. As a preventive measure, IT leaders should take a hard look at existing password requirements and levels of access across the healthcare ecosystem. Staff members should only be able to access systems and information required to perform their job effectively. Cinch up the access and permission levels across the organization, and set a standard to review these permissions on a regular basis. Also, require staff members to use a strong password for system access, and require that these passwords be changed at regular intervals (e.g., every 6 weeks). We also recommend enforcing two-factor authentication to add another layer of security.


Due to the sensitive nature of healthcare data and system security, it’s essential that healthcare IT leaders invest in advanced tools for cybersecurity threat detection. These tools can assist your team and organization with identifying phishing attempts, blocking malware, and alerting your team to ransomware threats.


When it comes to cybersecurity, especially for healthcare organizations, it’s critical to take a proactive approach. By assessing the current health of cybersecurity measures in place, as well as the effectiveness of training and education across the organization, you can ensure you stay on top of existing and emerging threats. A little extra effort will go a long way to allow you to address potential risks before they become a costly reality.

join our email list