10 stubborn cybersecurity myths, busted

As common half-truths and misperceptions plague information security, we separate truth from fiction and outline steps to take in order to make your healthcare institution safer.
By Jessica Davis
09:13 AM
Share
cybersecurity risks and myths

The state of healthcare cybersecurity is bad enough without a host of inaccurate information floating around the industry. Hackers honed in on healthcare’s technology weaknesses in 2016, pummeling the industry with massive spear phishing campaigns and ransomware attacks. And 2017 has been even worse. 

Cybercriminals are becoming more sophisticated, and malware and other attack methods have followed. The most recent and perhaps fearsome trend, in fact, is the destruction of data, seen with June’s Petya attacks that caused permanent damage to corporations and health systems.

As much as hackers are fine-tuning their techniques, it’s time for healthcare leaders to clear away the cobwebs and begin to impart real change in their organizations to stop the cycle.

To jumpstart the effort, Healthcare IT News spoke with cybersecurity experts from a range of sectors to bust once and for all the common security myths that continue to plague the industry. Once these far too common misconceptions are laid to rest, perhaps the industry can come together and bring itself into a new age of cybersecurity.

Each box below represents a common cybersecurity myth. Click on the “Bust it!” button to learn the truth.

...

MYTH #1

You can sweep ransomware attacks under the rug.

...

MYTH #2

Machine learning software alone will keep systems safe.

...

MYTH #3

Disconnecting networks and devices eliminates risk.

...

MYTH #4

Firewalls and security software are all a hospital needs.

...

MYTH #5

Contract security companies are not worth money.

...

MYTH #6

You can just deal with cybersecurity when you have to.

...

MYTH #7

Strong, complex passwords are enough to keep hackers out.

...

MYTH #8

Policies and training will automatically fix security issues.

...

MYTH #9

By collecting troves of data, all threats will be revealed.

...

MYTH #10

Physical security and cybersecurity are not the same.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com