“Cyber hygiene is as important as medical hygiene to help protect patients from harm,” lobbying group security expert says.
Humans are the weakest link in cybersecurity, and the healthcare industry is no exception.
Healthcare workers may not think of themselves as part of the cybersecurity team, but they’re often the last line of defense for facilities when cyberattackers take aim, primarily because they’re often making decisions related to access and identity.
It’s impractical to put the onus for defending against cyberattacks in practice on non-tech personnel like doctors and nurses. One way to manage the threat more realistically is to use clinicians as an early warning system, Phil Englert, VP of medical device security at Health-ISAC (Information Sharing and Analysis Center), said.
“Their primary job is patient care; it’s not cybersecurity,” Englert said. “Asking them to identify when things are not right, and then getting the experts or the IT analysts or security analysts involved in actually evaluating that device or that technology…is how we would best utilize clinicians.”
