Cybersecurity Risk Mitigation Suggestion: Share the Burden

Cybersecurity Risk Mitigation Suggestion: Share the Burden 

In healthcare, we know the cybersecurity threats that loom large over our industry as a whole and over our facilities, systems and data. What we don’t need is more information on how bad hackers are and how good they are at being bad. What we do need is peace of mind and, frankly, strategies that we can stand by in times of questioning or – even worse – incident. In either case, justifications for your strategic approach, research of your team’s credentials, and evidence of your organization’s command of the information you needed to make decisions about cybersecurity will be challenged. For cybersecurity teams, as is often the case in sports, the best defense is a good offense. 

The Potential of Partnership 

Of course, CereCore has found that advantage lies in strategic partnership that extends the ability, capacity, and expertise of your team. Here’s how partnership can contribute towards improvements to your program’s cybersecurity “offense”: 

Partner to support the expectations?  

For healthcare, justification of additional resources on cybersecurity is tough. What qualifies a partner in this space? Ask these questions: 

About your partners 

• What other healthcare organizations partner with the cybersecurity and healthcare IT firms your organization does? How satisfied are they with their services? 
• Does a partner you’re considering hold credentials in addition to those of your team? 
• Does your partner have experience developing and implementing cybersecurity healthcare programs? 

About your team and organization 

• Does anyone in your organization have prior experience with incident recovery? 
• Has your organization observed multiple healthcare organization’s approaches to cybersecurity? 
• Which core competencies are deficient and, therefore, less defensible when questioned or in case of incident?  
• Do your legacy technologies and archives have proper risk mitigations?  
• What is the potential cost of an incident at your organization – at a single location, in a single department, or impacting your entire organization? 
• How many people would you need to hire to represent all the competencies a cybersecurity team should have for an organization of your size, complexity, vulnerability, etc.? 
• What are your other options for bringing more cybersecurity protection to your organization? 

About patients 

• Which lines of service would suffer the most in the event of an unexpected outage? What impact would that have on your overall organization? 
  

Choose a partner that’s proven value in extreme circumstances 

If the adage is true and the best defense really is a good offense, the time is now to consider a worthy partner. One that will stand by you to prevent the unthinkable with confidence from experience and insight to supplement that of your own cybersecurity organization. One that inspires you to leave a KLAS comment like this one that means so much to us here at CereCore: