Hospital leaders should be wary of accidental insider mistakes, better prepare employees

As cyberattacks become more frequent and complex, healthcare leaders must apply new approaches to train their employees on cybersecurity.

At Becker's Hospital Review's 3rd Annual Health IT + Revenue Cycle Conference in Chicago Sept. 22, Brian Warszona, vice president at London-based Willis Tower Watson, explained companies must look beyond traditional cyberthreats — like hacktivists, third-party breaches and malicious cybercriminals — and focus on securing their systems from accidental insider mistakes.

Email is the No. 1 way malicious code enters system, and a number of other cyberattacks are triggered by accidental employee errors, according to data Mr. Warszona presented. This infection might take place after an employee accidentally clicks on a link with a malicious code or when they log on to their work computer from their home wi-fi network, for example.

"We have to start looking at the employees because they are one of the main focuses of what we're trying to prevent. What we are trying to prevent is a mistake," he said. "A lot of the times we run into employees that [made a] mistake and are attempting to cover it up because they felt bad about what they did."

Companies should address cybersecurity shortfalls from both an organizational perspective and an individual employee's perspective. He suggested organizations incentivize good cyber behavior on an individual level and consider training methods that integrate gamification elements — such as implementing a short cybersecurity video that pops up when an employee comes close to accidentally jeopardizing the system.

"You can't control every single button your employees click on, but there's a way you can make them want to be a little more conscious," Mr. Warszona said.

More articles on cybersecurity:

6 Trump advisers used personal email accounts: 6 things to know

Hack on Deloitte goes undiscovered for months, potentially impacts 5M emails

Equifax accidentally links to impostor Equifax website after breach

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months