Health

The importance of continuing training and education for cybersecurity leaders and employees in the healthcare sector

Photo of news7g news7g11/16/2022
7 3 minutes read
The importance of continuing training and education for cybersecurity leaders and employees in the healthcare sector


Training is one of the key components of defending against cyberattacks. And this is not just for employees of the healthcare provider organization, but also for managers and security personnel – especially those looking to advance.

This is the topic of “Internal Career Development: Recruiting From Inside,” an educational session at the HIMSS Healthcare Cybersecurity Forum, December 5-6 in Boston.

This session is a fresh look at cybersecurity training in healthcare organizations and how security leaders and staff can also enhance their knowledge, skills, and capabilities. Cybersecurity training for clinicians is different from training for administrators. Effective, meaningful training is essential not only for the well-being of the organization but also for the employees within.

Even so, cybersecurity professionals in organizations also need regular training. A roadmap will be provided during the session to outline training and educational resources for individuals, organizations, contractors and others.

Melissa Elza, co-founder of GRC for Smart Ecosystems, a training and education organization where she is HR director and head of NextCISO Academy, was one of three panelists to speak. in the meeting. She sat down with Healthcare IT News to provide a preview of the Healthcare Cybersecurity Forum session.

Q. How is cybersecurity training for administrators different from training for doctors and nurses?

A. Administrators are the gatekeepers of our personal health information. Yes, all employees must be aware of HIPAA and the precautions necessary to keep that data safe. But the administrators are the ones who transmit our sensitive health data and other PIIs to insurance companies, to other doctors, etc.

Administrators especially need role-based training to ensure they understand the types of attackers and what tactics they can use to get this data. I recently read a statistic that about 95% of cybersecurity breaches are caused by human error. That is an amazing number.

“We can prevent most breaches through training. That’s hugely important.”

Melissa Elza, GRC for Smart Ecosystem

That means we can prevent most breaches through training. It is extremely important.

Q. Cybersecurity training is clearly good for a healthcare organization. How is it also good for employees, including cybersecurity professionals?

A. The healthcare sector has suffered more than 337 breaches this year, according to Fortified Health Security’s mid-year report. This was reported in September, so that number is completely higher now.

More than 19 million records were compromised in those breaches. Healthcare is inherently stressful, especially after the pandemic began. If patients are concerned about their personal health information being exposed, it only adds to the pressure of an already difficult job.

Figuring out how to mitigate these breaches and prevent attackers from entering our systems benefits everyone. It is hoped that taking the time to train people can also ease the burden on the forensic and triage teams in those organizations.

Q. What kind of continuing education do healthcare cybersecurity professionals really need?

ONE. In cybersecurity, you are always learning. You have to. Attackers are finding new ways to get into our systems every day, and we must understand those new threats.

IBM releases an annual report called “Costs of Data Breach”. This year’s report says the average cost of a healthcare data breach is now $10.1 million per incident, up 9.4% from the 2021 report. That number will only continued to increase.

Education never really stops for us. It cannot.

Q. What are one or two examples of educational resources for cybersecurity professionals, and where can they find them?

A. At GRCIE, we strongly believe that community is what helps our students cross the finish line. I don’t think that will change once they enter the industry.

There are many excellent community organizations with wide reach, such as the Cloud Security Alliance (CSA), ISACA, ISC2, and the Information Systems Security Association (ISSA), which have local chapters in many cities.

If you are a woman online looking for other women, then WiCyS is another great organization that supports other like-minded women. Cyclersity is another great organization that supports women, minorities, and underrepresented individuals.

All of these organizations provide continuing education to their communities. These community organizations bring together experts so that together they learn how to protect us from these new threats. If you are looking for continuous learning opportunities, please check out these institutions.

For more information on the HIMSS 2022 Healthcare Cybersecurity Forum, taking place December 5-6 in Boston, click here.

Twitter: @SiwickiHealthIT
Email the writer: [email protected]
Healthcare IT News is a publication of HIMSS Media.

Photo of news7g news7g11/16/2022
7 3 minutes read
Photo of news7g

news7g

News7g: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Healthcare should broaden efforts to scale genAI, say IT leaders

Healthcare should broaden efforts to scale genAI, say IT leaders

02/01/2024
Drug poisoning in children is on the rise

Drug poisoning in children is on the rise

01/25/2022
Medicare Advantage plans increasingly end member coverage

Medicare Advantage plans increasingly end member coverage

10/05/2022
It's time FDA and CISA update their medical device agreement, says GAO

It’s time FDA and CISA update their medical device agreement, says GAO

12/28/2023
Back to top button