Attackers vs Defenders – Healthcare Cybersecurity Comparison

When people say social media is awful, I often think they’re following the wrong people. Although I’ve definitely followed enough of the wrong people in my life to know the ills of social media as well, if you’re following the right people, your social media feed can be full of knowledge and insights.

A great example of this was a recent LinkedIn post I saw by Derek A, a healthcare information security manager (it seems appropriate that Derek keeps his info semi-private as a security guy). Here’s what he shared when it comes to attackers vs defenders in healthcare and the question, “Who do you think has the advantage here?”

For those that haven’t clicked through or can’t read the image since the embed is kind of small, here’s what he has on the image:

What Attackers are Doing Today (On the left)

  1. Breach Your Network
  2. Monetize

What Your Defenders Will Do Today (On the right)

  1. Four hours of meetings
  2. Status updates
  3. Add notes to tickets
  4. Timesheets
  5. HR mandated training
  6. Close tickets as “False Positive”
  7. Update slide decks
  8. Update policies + KBs
  9. 23 minutes of Infosec Work

Who Will Win?

Many of you reading this might think that this is actually a Fun Friday post. Unfortunately, it’s not funny how real and true this chart is when it comes to how challenging it is to be a CISO or security professional in healthcare. It reminds me of my new favorite phrase about the challenge of healthcare security:

We have to be right 100% of the time.  They have to be right once.

While healthcare security culture is realizing that 100% is impossible, it is still the goal of every security effort and illustrates the challenge we all face. Plus, the above should illustrate how many organizations make it even harder for security professionals to be successful. It’s worth taking some time to understand how your organization’s bureaucracy is impacting your cybersecurity efforts.

About the author

John Lynn

John Lynn is the Founder of HealthcareScene.com, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference, EXPO.health, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.

2 Comments

  • John,

    You’re totally right, they just need to be right once. I think all of the recent attacks have put a magnifying glass on healthcare IT teams. I’ve been seeing them get more involved in the typical biomedical equipment. Also, due to some of the unfortunate successes of the attacks, I believe that healthcare attacks are on the rise. According to a Forbes article I was reading, citing Bitglass as the source, in 2020 there was a more than 50% increase in attacks compared to 2019. There are lots of consulting companies out there trying to take advantage of this, but when it comes down to it, getting everything up to snuff takes a massive amount of resources.

    Best,
    Chris

  • I’ve heard of a lot of health IT leaders spending as much time, effort, and money on what to do when an incident happens as they are on preventing incidents. I think this is reasonable considering the likelihood that something will happen. I agree on many consulting companies that are trying to prey on the fear. It’s too bad.
