The human factor in cybersecurity: 5 key thoughts
December 10, 2015
Max Green and Akanksha Jayanthi
Though often discussed in highly technical terms, cybersecurity and safeguarding patient data are arguably more human-centric than anything. The root cause of breaches is usually human error — an employee who falls for a phishing scam or shares a password, for example. Research from IBM shows 95 percent of all security incidents involve human error.
No organization is immune to a cyberattack, but hospitals and healthcare organizations are elevating discussions of how to best safeguard data. On a panel at the Becker's Hospital Review 4th Annual CEO Roundtable + CFO/CIO Roundtable in Chicago, healthcare IT leaders shared their thoughts on cybersecurity, consumer expectations and the human element as it relates to security efforts.
Panelists included Sabi Singh, co-COO of University of Iowa Hospitals and Clinics in Iowa City; Jaime Parent, vice president of IT operations and associate CIO of Rush University Medical Center in Chicago; and Gib Sorebo, chief cybersecurity technologist for Leidos. Ayla Ellison, editor with Becker's Hospital Review, moderated the panel.
Here are six key thoughts on the intersection of human behavior and cybersecurity.
1. Healthcare has been hit hard by the consumerization of IT
2. Enabling security stewardship is as important as systems engineering.
3. A lack of standards leaves security up to third parties.
4. Commercial hacks, for better or for worse, set an example for healthcare organizations.
5. In a threat-filled environment, providers must protect health information to the best of their ability.