Interesting Insights into Healthcare Security and Ransomware

We’re a little late posting this, but at the HIMSS 2022 conference, I had a chance to learn and share some really great insights into healthcare security and ransomware from the team at Fortinet.  We live tweeted many of them, but thought an article round up would be great for those that missed the tweets.  Check them out below with some light commentary.

Healthcare security and ransomware is top of my for any IT person in healthcare.  It’s not going away either.  In fact, the challenge is going to keep growing.

It’s kind of hard to see this number.  That’s a lot of breaches.  That’s a healthcare breach that’s happening every other day.  It also makes you wonder if that’s just the breaches we know about.  Are there a bunch more we don’t know about?

We know that digital transformation is coming.  We know that means an explosion of devices and endpoints.  Sounds incredible from a clinical and patient experience perspective.  Sounds like the opposite of what ever healthcare security person wants to see.  Security and accessibility are often at odds.  This is definitely the case with many digital transformation efforts.

I’d never thought about the impact of downtime on orders.  That’s a big problem that adds a lot of overhead for an organization and is a terrible experience for patients.

I’ve seen a lot of sessions on medical device security.  Embedding Fortinet’s security technology into a medical device sounds like a really big step forward.

They make a good point.  Do you even have a ransomware account?  How much can you add to it if needed?  These are complex questions you need to address if your strategy is to pay the ransom.  Of course, the even more complex question is whether you should pay the ransom.

Let’s start with asset management…it’s a very good place to start.  Seriously though, it really is a great step for security.

This next graphic I didn’t have a chance to tweet since it went by before I could capture it.  So, I asked Fortinet to send it to me.  This was a really powerful way to visualize how you’re doing in your cybersecurity efforts.  Where do you fall?

Plus, credit Fortinet on showing how their security tools can help with each area:

I’m not sure if patents are a specific indicator of innovation at most health IT companies.  They don’t hurt, but it’s not as clear how valuable they are generally.  However, 1255 patents for Fortinet’s healthcare security products is significant innovation.

About the author

John Lynn

John Lynn is the Founder of HealthcareScene.com, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference, EXPO.health, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.

2 Comments

  • Whenever the malware/ransomware is mentioned, I always look (in vain) for the platform it ran on — Windows or Linux. (I suspect most healthcare site use the more fragile Windows servers.)

    Is this ever brought up as an issue?

  • I had someone yesterday say that Apple’s were less secure than Windows now. That may be true. Slightly different in servers I think, but the reality is that if you don’t configure it properly, they’re all insecure.

Click here to post a comment
   

Categories