When you think of hackers, do you picture a dimly-lit room with a computer desk in the corner and someone huddled over the keyboard wearing a Guy Fawkes mask?
This article will discuss the importance of information security in the healthcare industry — especially as it relates to emergency situations and the safe handling of patient data. Certified ethical hackers, by default, have a viable “in” with healthcare organizations in need of cybersecurity experts to safeguard their networks and information.
Rather than being confined to dark basements and anonymous online chat room status, hackers are assuming a new, legitimate role in defending our computer networks from infiltration and sabotage. Let’s explore possible beneficial relationships between ethical hackers and healthcare organizations.
Types of Hackers
Some people may not realize that there are different types of hackers — in other words, not all hackers are created equal (so to speak). In addition to “black hat hackers,” the “bad” hackers who intend to inflict the maximum amount of damage upon the target, there are “white hat hackers” and “grey hat hackers.” The latter include “hacktivists” like members of Anonymous and intend to expose weaknesses — sometimes in exchange for meaningful action or political change. Lastly, “white hat hackers” offer to utilize their knowledge to help improve the safety of business and user data on that particular website.
The threats that continue to hang over us are numerous as well, so it would help ensure the security of local and regional healthcare organizations, hospitals, and clinics to utilize the help of a knowledgeable and ethical white hat hacker — either in-house or contract-based. The cybersecurity threats that continue to exist include viruses, computer worms, and spyware, along with malicious hijackers, Trojan horses, and email schemes like ransomware and phishing.
What’s at Stake?
Beyond the obvious vulnerability at stake when personal patient data is exposed, it is also concerning that this type of medical data goes for a premium on the dark web and the black market for hackers and other identity thieves. Therefore, it doesn’t seem like a huge logical leap to suggest that public health could be at stake without sufficient cybersecurity in place to prevent healthcare-related system hacks.
The University of Southern California argues there should be increased scrutiny for emergency management — including IoT security, wearable device safety, and smart home IT defense. Many new innovations in emergency response are hackable in theory: smartphone access to 911, geographic information systems, intelligent street lamps, interoperable communications technology, and emergency communication apps.
The Bottom Line
New healthcare technology, such as that utilized in Internet of Healthcare Things (IoHT) gadgets, must be equipped with built-in security features, lest they be rendered useless to healthcare organizations, patients, and medical professionals. However, if properly secured, IoHT has the potential to both improve disease management and reduce healthcare costs in order to make healthcare more affordable to a wider demographic.
Cybersecurity professionals can break into the IoHT by appealing to both healthcare organizations and app or gadget developers and stressing the importance of data security to the efficacy of the IoHT industry. White hat hackers, especially, can lend important insight into the street value of EHRs and how hackers are likely to approach different technology.
According to Healthcare IT News, three out of four hospitals lack a designated security person, which has forced them to “get creative” with filling their security needs. This lack of staffing seems to present a potential opportunity for cybersecurity specialists and ethical hackers. By marketing their services as a freelance contractor, they could potentially open the door to a full-time opportunity via networking or word-of-mouth.
* * *
Are you a cybersecurity expert or healthcare IT professional with firsthand experience in the medical world? Share your thoughts or experiences in the comments section below.