Defending healthcare systems from the rise of targeted cyberattacks
In recent years healthcare organisations have been constantly targeted by hackers and COVID-19 has made the situation worse. To help tackle the issue, the HIMSS Italian Community brought together local and global healthcare leaders to discuss 'Health safety management: the new challenges'.
WHY IT MATTERS
The pandemic has taught us that cybersecurity in the healthcare sector is a growing concern. In the last 14 months, according to the Clusit Report (Italian Association for Cyber Security) 2021, over 10% of the attacks carried out were related to COVID-19. Research institutions and companies involved in the development of vaccines against SARS-Cov-2 have been targeted by cybercrime, but hackers have exploited the situation of collective unease and extreme difficulty experienced by some sectors to target their victims.
"Active discussion is the most important aim of the community. We have found that our industry has also become a direct target of cybersecurity attacks."
- Elena Sini, CIO, GVM Care and Research
THE LARGER TREND
There is no shortage of "defence weapons" in the fight against cyberattacks. In the European Union, ENISA, the cybersecurity agency, takes care of implementing such weapons. There are many tools available: from the NIS Directive to the Medical Devices Regulation; from the Cybersecurity Act to Cyber Europe, Europe's largest cybersecurity exercise for the healthcare sector.
In the US, the legislative framework provides guidance and support from the Health Insurance Portability and Accountability Act of 1996 (HIPAA), through to the Health Information Sharing and Analysis Center (H-ISAC) and the Cybersecurity Act of 2015. Italy has a strategy for the digital growth of the country, the three-year plan for information technology, the perimeter of national cybersecurity, local laws and regulations.
ON THE RECORD
"Active discussion is the most important aim of the community. We have found that our industry has also become a direct target of cybersecurity attacks. The webinar was proposed to gain awareness and support each other,” explains Elena Sini, of the HIMSS Italian Community.
"There is a lack of awareness that runs through all healthcare organisations, starting from the Board of Directors where cyber risks are not necessarily evaluated as they should, have not become a priority, to the medical staff who quite often perceive cybersecurity checks as an obstacle,” emphasises Athanasios Drougkas, network and information security expert for ENISA.
"We all see the benefits of technology but at the same time it will increase the vulnerability of systems. We need to put the appropriate safeguards in place because, if we don't, I fear there could be catastrophic consequences in the way these issues impact healthcare," concludes Stephen Grimes, Strategic Healthcare Technology Associates, LLC.
Learn more about the Italian focus on cybersecurity for providers and patients during the 'Good Morning from Italy' session taking place at the HIMSS21 & Health 2.0 European Health Conference on 8 June 2021.
Healthcare IT News is a HIMSS Media publication.