Comey: FBI, Hospitals Stronger Together Against Cyberthreats
With healthcare entities increasingly under cyber-siege on multiple fronts, cybersecurity has already emerged as a main area of focus for 2017. As the list of malicious actors continues to grow, from individuals hackers to multinational cyber syndicates, the Federal Bureau of Investigation (FBI) is looking to build stronger relationships with private community entities as a means of improving their cybersecurity threat response. That was the message from then-FBI Director James Comey in his keynote address at this week’s American Hospital Association annual membership meeting, according to FierceHealthcare.
According to Comey, the majority of cybercrimes go unreported and that it is important for hospitals to consider enlisting the help of the FBI when it comes to cyberthreats. He likened it to having a relationship with your local fire department, according to FierceHealthcare. “The firefighters aren’t expected to know all the nooks and crannies or secrets in a hospital, but they’ll know where the hydrants and water hookups are, and how to rescue people who may be trapped in the case of a fire.”
Healthcare organizations represent a treasure trove of sensitive data that provide the building blocks for fraud and identity theft, from names and addresses to birth dates and social security numbers. What’s more, it’s a treasure trove that looks like easy pickings to many cybercriminals. And medical device security threats might not be far on the horizon as well.
Comey told audience members that if hospital executive teams don’t know at least one person at the FBI’s local field office, that represents a mutual failure, according to FierceHealthcare. “Together, we can confront the changing human experience,” he said.
Comey also discussed strategies hospitals could use to prevent cyberattacks, and pointed out areas to consider when developing cybersecurity plans. These included building a strong cybersecurity culture among employees, addressing technological vulnerabilities, and having data backups and a continuity plan in case of a ransomware attack.
Sarah Sheber is assistant editor and web editor at Journal of AHIMA.