Cybersecurity Best Practices

Help protect your organization from cybercrime by adopting these industry-recognized best practices.

An alert recently released by the Cybersecurity & Infrastructure and Security Agency is raising concern within the nation’s hospitals and health systems. This agency, together with the Federal Bureau of Investigation and the Department of Health and Human Services, is collectively a division of the Department of Homeland Security and has declared a credible threat to the healthcare sector. According to the advisory, hackers are targeting computer systems, which can lead to “ransomware attacks, data theft and the disruption of healthcare services.”

Cybercrime is nothing new, but these threats come at a time when COVID-19 cases are rising and care resources are stretched thin. Hospitalization volumes are surging across the country, with states like the Dakotas and Wisconsin reaching all-time highs. Healthcare workers have enough on their plates and these cyber attacks could over further overwhelm an already-stressed industry.

So what can healthcare organizations do to prevent these attacks? The key is to better educate users on phishing and other cyber risks in order to easily identify red flags and protect their systems. On the heels of Cybersecurity Awareness Month, we are sharing these tips that can alleviate your practice’s risk of becoming a victim.

  • Have up-to-date antivirus software protecting your device(s) and content
  • Ensure applications and operating systems are up to date, meaning the latest versions are installed and all known vulnerabilities are patched
  • Only connect to known networks
  • Use strong passwords to prevent hackers from gaining access to your accounts
  • Educate employees on emerging cybersecurity risks and vulnerabilities
  • Conduct training sessions so users are aware of ransomware and phishing scams threats and how they are delivered
  • Have a strategy in place so employees know what to do and who to contact when they see suspicious activity or believe they have been a victim of a cyberattack