Healthcare is Going Mobile - And So Are the Threats to Your Hospital and Patients

By now the move to all-mobile-everything seems almost inevitable, but what does that mean for your security strategy?

Malware, Ransomware and Phishing attacks continue to target and plague hospitals, often at a rate two times higher than other sectors. Despite this disturbing trend however, studies show over the last several years, organizations are become more active in defending their patients and infrastructure from cyber threats. According to a recent HIMSS Cybersecurity survey, 85% of healthcare leaders conduct annual (at minimum) risk assessments, and 75% conduct regular penetration testing. So what makes mobile more vulnerable?

Quite simply, the newness of it all. While cyber attackers are becoming increasingly savvy across multiple platforms, including mobile, potential targets are only recently learning to recognize how to spot and react properly to threats, such as phishing scams, delivered via computers.

Many users don’t think that their phones are as vulnerable as their laptops and PCs, which, in turn, lowers their guard when determining if, for example, an email is legitimate or not.

- Anthony Giandomenico, Senior Security Strategist & Researcher - Fortinet

So how do you protect your employees and patients? Start by implementing some of the following best practices:

1. Implement a phishing simulation, training and education program

2. Incorporate mobile attack simulations and awareness into any current or planned cyber training and awareness programs

3. Encourage your employees to regularly check for, and apply, updates, patches and fixes on both mobile and desktop platforms

4. Install anti-malware on mobile devices (yes, this does exist for both Apple and Android)

5. Connect to only known and trusted wi-fi networks

6. Implement mandatory secure messaging services and transfer patient and client information through these systems only.

For more information on creating a phishing simulation and training program for your organization, setting up regular penetration testing or implementing a preemptive cybersecurity program, contact us today: info@ryskgroup.com or (866) 797-5699.

#Cybersecurity #Cyber #Phishing #Medical #Healthcare #Ransomware #Malware #Hacking #BestPractices #DataBreach #KnowYourRysk #ReduceYourRysk