Topic: How to tackle the influx of telehealth cybersecurity threats amid the pandemic

Many healthcare organizations quickly adopted telehealth programs out of necessity at the start of the COVID-19 pandemic, expanding their attack surface with the integration of new technology such as mobile telehealth apps and wearable heart rate and blood glucose level monitors.

What’s more, nearly half of security researchers (48%) believe the healthcare industry is the most vulnerable industry to cybercrime during the unfolding global crisis. This opens up opportunities for potential devastation as cyberattacks in healthcare can compromise not only networks and data but also threaten the applications and services supporting critical patient care systems. Such malicious activity has already and may continue to contribute to serious life or death situations.

Leveraging crowdsourced security as a defense layer from adversaries

As a result of the increase in malicious hackers targeting telehealth initiatives, healthcare organizations must find a cost-effective way to quickly address vulnerabilities before they are exploited or risk jeopardizing patient health and safety.

To address this, healthcare organizations should consider adopting crowdsourced security programs such as bug bounty programs or vulnerability disclosure programs (VDPs). Crowdsourced security is an organized approach wherein a number of ethical hackers are incentivized to search for and report vulnerabilities in the digital assets of a given organization with the full understanding and awareness of the organization in question.

It’s imperative that healthcare organizations take precautionary measures to ensure a secure, user-friendly telehealth environment for staff and patients. By turning to external security researchers via a bug bounty or VDP, healthcare organizations can have vulnerabilities proactively disclosed before adversaries discover them and take malevolent action.

While using the hacker community might still cause healthcare organizations some unease, it should be noted that 93% of security researchers hack out of care for the organizations they work with, assuring that the protection of patients’ data is a noble cause in which many researchers would gladly participate. As reliance on telehealth continues to increase and its capabilities evolve, a crowdsourced security approach can ensure that a healthcare organization’s cybersecurity posture evolves along with it.

Securing the ever-evolving amount of telehealth data

The use of new telehealth technology has both diversified the type of data that exist within healthcare organizations and increased the complexity of security measures required to protect those data. From electronic health records to patients logging symptoms via a portal or mobile app to even encrypting patient data from appointments in transit, healthcare organizations are seeking ways to not only manage these new attack surfaces but secure all of the new data within them.

Crowdsourced security also enables healthcare professionals to assess the risks associated with disparate data sources and infrastructure, so patients don’t have to worry about the privacy of their data. Additionally, with comprehensive methodology, coverage analysis and reporting, crowdsourced security programs ensure that the administrative, physical and technical safeguards are in place to comply with HIPAA.

Topic Discussed: How to tackle the influx of telehealth cybersecurity threats amid the pandemic

Read Original Article