Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Health leaders, it’s time to prioritize cybersecurity culture and employee awareness

By Sai Venkataraman
healthcare security freepik
August 11, 2021

The healthcare industry has been hit hard by the pandemic, and not just for the obvious reasons. The past year created the perfect storm for cybercriminals to take advantage of the world’s disruption and target vulnerable health systems, costing the healthcare industry $21 billion in ransomware payments and downtime. With a 470% increase in attacks from 2019 to 2020, it is now crucial for healthcare systems, hospitals, and other health-related organizations to prioritize the security of sensitive information and patients. The only way to do this is by educating employees with contextual cybersecurity awareness training and emphasizing the importance of a strong cybersecurity culture. 

Although all industries and organizations can fall victim to cybercriminal attacks, the healthcare industry is even more vulnerable as they cannot afford to lose access to patient health records. Knowing this, cybercriminals have doubled down on ransomware and phishing campaigns, almost guaranteeing speedy payments from desperate healthcare workers who cannot afford to put their patients’ health at risk. 

To put this alarmingly high increase in attacks at bay, health leaders need to prioritize the human element of the cybersecurity strategy. Healthcare organizations may not have previously required to invest as much time, effort, and resources on security training, but healthcare organizations have no other option in today's risk environment. 

Here are three steps healthcare leaders across the U.S. should be considering immediately to secure and fortify their organization: 

  1. Assess current systems, technology, and culture. Outdated systems are more vulnerable to attacks, and with a global pandemic raging on for the past year, updating these systems might not have been top of mind for many healthcare organizations. In addition to reassessing cybersecurity technology, organizations should evaluate their entire security culture and employee sentiment towards that culture. This will give leaders a strong sense of whether or not employees feel confident in recognizing and remediate threats and where to go from there. 
  2. Identify gaps in security knowledge. Humans are the targets for these growing attacks, so organizations must empower their workforce with the right tools and expertise to effectively deter attacks themselves. Surveying your workforce is a great way to set a clear baseline for what is missing from your cybersecurity repertoire and identify the kind of content to build into a coaching strategy. It’s important to consider that not all employees will need the same security awareness knowledge. Employees should be equipped with applicable information based on their unique, risky actions that will likely expose themselves or the organization to potential threats. Once these gaps in security knowledge are identified, the organization can actively work towards closing them with a layered approach that incorporates both technology and coaching. 
  3. Build an individualized cybersecurity coaching strategy. As busy as your employees may be, it is crucial to arm them with the knowledge to protect your organization from a cyberattack. Healthcare workers already have non-traditional hours, so using long, generalized training seminars will not be effective. Instead, organizations should share personalized messages to each worker based on the specific behavior the employee carries out. These serve as microlearning moments that work within the busy schedules of the healthcare workforce and ensure that learning content is relevant to each employee’s specific actions. Sharing consistent, relevant touchpoints directly to an individual will lead to positive changes in behavior over time, ultimately protecting the broader organization.

Healthcare organizations must take the time to assess current security systems and strategies, even if they have not yet encountered any major cyber incidents. It’s essential to get ahead of these threats with relevant and vigilant education to the entire employee base. As phishing and ransomware attempts become more and more sophisticated over time, personalized guidance will proactively make employees aware of how their specific behaviors might put their organizations and patient data at risk - and deter them from making damaging mistakes. 

KEYWORDS: cyber security data privacy healthcare security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Sai headshot

Sai Venkataraman, Co-founder and CEO of SecurityAdvisor.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • employee at computer

    Now is the time to prioritize cybersecurity

    See More
  • Black building blocks

    Using Cybersecurity Awareness Month to build a strong culture

    See More
  • RSA 2017: The "Culture" of Cybersecurity Collaboration

    Leaders Value Strong Security Culture But Struggle to Define and Implement It

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing