Cyberattack Drill Exposes Healthcare Industry's Vulnerabilities
Healthcare organizations are at their weakest not necessarily on technical implementations, but in their ability to coordinate and collaborate across organizations, says a security expert.
Healthcare providers, like other industries, are not always very good at sharing cyber-attack intelligence with each other. But according to findings of a first-of-its-kind April 1 simulated drill, improvements are now underway specifically in the healthcare industry.
The industry-wide exercise, CyberRX, presented participants with a series of challenges which "exercised elements within each of the organizations," said Kevin Charest, chief information security officer for the U.S. Department of Health and Human Services.
"We actually started it off with some fraud, where a physician attempted to have some malicious code written that would allow erroneous images to be created and then they could defraud Medicaid and Medicare," Charest explained.
The scenario involved lots of different complexities in incident response, including responding to simulated inquiries from the press, Charest says.
A Wide Range of Players
A big takeaway from the exercise: Healthcare organizations are at their weakest not necessarily on technical implementations, but in their ability to coordinate and collaborate across myriad healthcare entities, says Roy Mellinger, who is vice president, IT security, and chief information security officer at Wellpoint, the largest managed health care, for-profit company in the Blue Cross and Blue Shield Association.
- CFO Exchange: Smartphones Poised to Disrupt Healthcare, Says Topol
- Consumerism Drives Healthcare Branding, Rebranding Efforts
- CNO on Hospital Redesign: 'You Can't Over-Communicate'
- How Digital Strategy Shapes Patient Engagement at Boston Children's Hospital
- PA Ranks See 'Phenomenal Growth,' Lack of Diversity
- 3 Traits Personality Assessments Can't Reveal
- Half of All Primary Care, Internal Medicine Jobs Unfilled in 2013
- Carondelet to Pay $35M to Settle Fraud Allegations
- Antibiotic Overuse a 'Huge Threat' to Patient Safety, Says CDC
- CHS Hacked, 4.5M Patient Records Compromised