HIMSS18 cybersecurity recap: Threat sharing and the need for boardroom priority
Cybersecurity was top of mind for many at HIMSS18. From Google Cloud to the National Institutes of Health, securing data across the organization, especially in the era of AI and machine learning, was part of many discussions.
In fact, the HIMSS annual cybersecurity survey released at the conference found the majority of healthcare organizations faced a significant security incident last year, and almost all of those attacks were made by an identifiable threat actor, such as negligent insiders and hackers.
To combat negligent insiders, organizations must manage all of those threats by working closely with peers, business units and vendors, NetSmart CISO Tony Maupin said during an Allscripts session on cybersecurity. Those relationships shed light on the challenges facing other healthcare providers.
But Maupin also suggested that organizations need to challenge vendors to share views on best practices, to “get involved in those grassroots of security… Let’s just come together and work as a team.”
To get there, the boardroom needs to make cybersecurity a budget priority, as it will help security teams afford the tools necessary to manage and detect threats on a network. The budget will also help with disaster recovery and patch management.
“It needs to get to the point where we don’t need to fight for the budget,” said Dara Barrera, Michigan State Medical Society’s manager of practice management and health IT.
“I want to be routine. I don’t want IT to be specially funded,” said Albany Medical CISO Kris Kusche. “I don’t want to have to say I need this special budget because then I will know [security] is part of the culture, part of the DNA of the organization.”
To accomplish this, hospital C-suite executives need to fund these cybersecurity tools and activities, including making incident response plans part of the routine, Nolan Garrett, principal and CTO at Intrinium, explained at HIMSS18.
Part of that issue is that healthcare organizations are still focusing on basic needs like buying security tools. While those are important, it’s crucial for organizations to have plans in place for when an incident occurs.
Threat sharing was another major cybersecurity topic, as many healthcare organizations like Google Cloud, the U.S. Department of Veterans Affairs and the National Institutes of Health offered their own takes on data sharing and solving healthcare’s issues together.
Gregory Moore, MD, Google Cloud’s vice president of healthcare, stressed that healthcare has huge liabilities when it comes to data breaches because of the type of data it holds. Google Cloud is transitioning this area to the cloud to allow them to leverage those tools and create layered, defense-in-depth security.
“Defense and depth: An analogy would be not only wearing a belt, but wearing suspenders,” said Moore. Penetration testing is also helpful, as are bug bounty programs and partnerships, as “it’s difficult for any one person to do on their own.”
Groups like MITRE and the National Health Information Sharing and Analysis Center (NH-ISAC) are focused solely on threat detection and on educating organizations about the need to share those threats with other organizations.
Perimeter security is crucial, but in an era of highly sophisticated attacks it is no longer enough to prevent cyberattacks, according to Julie Connolly, principal cybersecurity engineer for MITRE.
“Healthcare is one of the first examples of a sector or group doing this crowdsourcing approach to developing analytics,” said Connolly. “We have different ways to engage the community and we put the framework out there. It takes time, but it’s been very successful.”