Trubridge Inc.

10/08/2024 | Press release | Archived content

October is Cybersecurity Awareness Month

Throughout the month we will take on cybersecurity subjects that continue to be challenging in healthcare today and ask our experts to weigh in.

Topic 1: Phishing

Phishing continues to be the most prevalent cybersecurity threat in healthcare, and email is its most common channel. We asked our experts why this continues to be a challenge and what recommendations they have for IT teams to help with this problem.

Scott Littrell, Head of Technology Services, TruBridge

"Cybersecurity, particularly social engineering, has evolved from being primarily an IT responsibility to an organization-wide concern. This is especially true in healthcare where high-valued patient data is at stake and email is the primary method for bad actors to infiltrate service lines.

Organizations must strike a careful balance between relaying information to their communities while avoiding oversharing that could aid attackers. Bad actors often exploit the altruistic nature of healthcare workers. For example, they use seemingly 'internal' knowledge to convince end-users of the legitimacy of phishing attempts, thereby opening the door to patient data breaches.

AI has also raised the bar on these nefarious phishing attacks. Attackers are now able to create highly convincing and harder-to-detect emails. They have also become more sophisticated with new tricks such as personalized targeting, improved grammar, context-aware messaging, and dynamic content. Health IT departments, already overwhelmed and facing budget constraints, struggle to keep up with these evolving tactics.

Beyond common tools, we suggest continued end-user education to prevent phishing attacks. Consider internal phishing campaigns that mimic real-world attempts as part of your regular training and provide staff with easy reporting channels to flag suspicious emails. Incident response plans are another valuable step to take.

An incident response plan, including a phishing playbook and regular tabletop exercises, ensures everyone is aware of their role in the event of a cybersecurity emergency. Leaders from all service lines should participate in and support these exercises to maximize effectiveness while conveying the importance of repetitive training and education to their healthcare teams.

While partnership opportunities are not suitable for everyone, it's important to explore and assess whether one makes sense. Recently, Microsoft offered financial incentives for rural healthcare providers to enhance security and training. Monitor and explore these external support options while also engaging with your existing EHR partners.

Bad actors aren't ceasing their attack efforts any time soon. Take every step possible to guide your facility and offer protections for stronger cybersecurity functions."