Michael Barbella, Managing Editor03.31.22
Cybersecurity training is a rarity in healthcare.
A study from encrypted cloud service provider NordLocker shows that 56 percent of healthcare sector employees lack cybersecurity training arranged by their current employer. The survey also revealed that 76 percent of healthcare professionals handle confidential data at work.
“Since healthcare is among the top five industries most hit by ransomware, the organizations that don’t train their employees how to identify the potential risks and about the right measures to avoid them are on the brink of falling victim to various cybercriminal activities,” explained Oliver Noble, a cybersecurity expert at NordLocker.
Cybersecurity Tools Lacking
The survey found that 17 percent of healthcare sector employees do not use any cybersecurity tools at work. Among those who do use protection on their digital devices, antivirus is the most popular software (60 percent) followed by a password manager (57 percent), a VPN (36 percent), and a file encryption tool (36 percent).
“With cyber racketeers going after the overwhelming amount of sensitive patient data healthcare service providers have access to, employers who don’t urge their employees to use the necessary cybersecurity tools, or even worse, don’t provide them, are putting their reputation at stake,” Noble said. “For example, unsecured IoT devices, such as printers, can provide a pathway to a hospital’s computer systems.”
Who is to Blame?
When asked who should be responsible if they accidentally caused a data breach in their workplace, the majority of healthcare workers answered with “both the employer and the employee” (47 percent). However, one in five respondents (21 percent) would solely blame their company if they were involved in a data breach.
“With the human element being one of the weakest links in an organization’s cybersecurity and hackers looking for vulnerabilities to exploit, it’s easy to see why many employees believe their employer should ensure appropriate means to be able to withstand threats,” Noble said.
Five easy-to-implement cybersecurity practices for healthcare employees
Methodology: NordLocker commissioned a survey of 300 employees in the U.S. healthcare sector in October 2021.
NordLocker is the world’s first end-to-end file encryption tool with a private cloud. Available for both desktop and mobile, NordLocker supports all file types, offers a fast and intuitive interface, and guarantees secure sync between devices.
A study from encrypted cloud service provider NordLocker shows that 56 percent of healthcare sector employees lack cybersecurity training arranged by their current employer. The survey also revealed that 76 percent of healthcare professionals handle confidential data at work.
“Since healthcare is among the top five industries most hit by ransomware, the organizations that don’t train their employees how to identify the potential risks and about the right measures to avoid them are on the brink of falling victim to various cybercriminal activities,” explained Oliver Noble, a cybersecurity expert at NordLocker.
Cybersecurity Tools Lacking
The survey found that 17 percent of healthcare sector employees do not use any cybersecurity tools at work. Among those who do use protection on their digital devices, antivirus is the most popular software (60 percent) followed by a password manager (57 percent), a VPN (36 percent), and a file encryption tool (36 percent).
“With cyber racketeers going after the overwhelming amount of sensitive patient data healthcare service providers have access to, employers who don’t urge their employees to use the necessary cybersecurity tools, or even worse, don’t provide them, are putting their reputation at stake,” Noble said. “For example, unsecured IoT devices, such as printers, can provide a pathway to a hospital’s computer systems.”
Who is to Blame?
When asked who should be responsible if they accidentally caused a data breach in their workplace, the majority of healthcare workers answered with “both the employer and the employee” (47 percent). However, one in five respondents (21 percent) would solely blame their company if they were involved in a data breach.
“With the human element being one of the weakest links in an organization’s cybersecurity and hackers looking for vulnerabilities to exploit, it’s easy to see why many employees believe their employer should ensure appropriate means to be able to withstand threats,” Noble said.
Five easy-to-implement cybersecurity practices for healthcare employees
- Ensure employees use strong and unique passwords to connect to your systems. Better yet, implement multi-factor authentication.
- Secure email by training staff to identify signs of phishing, especially when an email contains attachments and links.
- Implement and enforce periodic data backup and restoration processes. An encrypted cloud might be the most secure solution for this.
- Adopt zero-trust network access, meaning that every access request to digital resources by a member of staff should be granted only after their identity has been appropriately verified.
- Encrypt medical files to avoid data leaks in ransomware. Even if encrypted files are stolen from corporate computers, hackers won’t be able to access their content and threaten you with exposing the data publicly.
Methodology: NordLocker commissioned a survey of 300 employees in the U.S. healthcare sector in October 2021.
NordLocker is the world’s first end-to-end file encryption tool with a private cloud. Available for both desktop and mobile, NordLocker supports all file types, offers a fast and intuitive interface, and guarantees secure sync between devices.