Security Awareness Training ― CyberSecurity for Your Healthcare Organization

Jeff McCulloch

Take a moment and think about all of the security features that are used to keep your organization’s network safe. Passwords and firewalls help keep the bad guys away from your vital information. But all of these security measures don’t mean a thing if someone clicks on a malware link inside an email.

As phishing attacks have grown, so too has the emphasis on CyberSecurity. In fact, the healthcare industry sees 340% more security incidents and attacks than the average industry, according to a recent report. A tool that many are using to help prevent cyberattacks within their organization is security awareness training as a way to educate employees. Having knowledge of malware and phishing is as important as having proper antivirus and firewall protection.

How does security awareness training work?

A security awareness training provider will begin the training process with an email exposure check that shows which email addresses within an organization’s domain are being exposed to spear-phishing attacks on the Internet. This service looks deep into websites, Word, Excel and PDF files that are on the Internet. By performing these tests, business owners and managers can see which employees are the most susceptible to phishing emails. Training modules soon follow to teach employees what to look for.

Statistics show that it works

Security awareness training helps turn your employees into your organization’s first firewall. Through training, employees become the best defense you can have. We aggregated the numbers and the overall Phish-prone percentage dropped from an average of 15.9 percent to an amazing 1.2 percent in just 12 months. The combination of web-based training and frequently simulated phishing attacks really works.

Healthcare is top target for cyberattacks

The Raytheon/Websense Security Labs’ 2015 Industry Drill-Down Report — Healthcare notes that medical information is 10 times more valuable than other types of information on the black market, which makes healthcare a major target for cybercriminals. Even some of the country’s best-run hospitals are vulnerable to attacks. One of the best examples comes from California’s Hollywood Presbyterian Medical Center. In February 2016, hackers were able to exploit the Los Angeles-based hospital for $17,000 with a ransomware attack. The hospital’s entire network was taken offline, forcing staff to use pen and paper. Symantec has reported that over 20 cyber-attacks have targeted hospitals over the past year, that they are aware of.

It’s important to remember that everyone is a target of phishing attacks. These attacks happen every day, but the good news is they can be prevented. Proper training is great a great way to prevent attacks, but equally important is having a proper backup and disaster recovery plan in place. Nothing is bullet-proof in IT, but being prepared for any circumstance can help save money and downtime in the event of a disaster.

For more information about security awareness training, contact your Yeo & Yeo advisor or Jeff McCulloch, President of Yeo & Yeo Computer Consulting, jefmcc@yeoandyeo.com or 800.607.1446.

Jeff McCulloch

Jeff McCulloch

Yeo & Yeo Computer Consulting President

Jeff is President of Yeo & Yeo Computer Consulting. He has more than 20 years of experience in business development, product management and business operations within high technology companies. His areas of expertise include business consulting for manufacturing, financial services, professional corporations and small businesses. Contact Jeff at jefmcc@yeoandyeo.com or 800.607.1446.