Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers. The goal of these threat actors is to exploit vulnerabilities in insecure and antiquated networks in order to exfiltrate patient data for financial or geopolitical gain. In order to protect patient privacy, healthcare organizations and their supply chains must better understand the growing attack surface and the technologies and solutions which can improve their ability to respond to unauthorized network access.

In this brief, entitled “Hacking Healthcare IT in 2016: Lessons the Healthcare Industry can Learn from the OPM Breach”, the Institute for Critical Infrastructure Technology provides a comprehensive assessment of the threats and healthcare trends which have the greatest impact on health sector security, as well as solutions and strategies to improve resiliency. The report draws from the OPM breach, which is a prime example of the enormous consequences an organization can face by not maintaining and protecting integrated systems.

Specifically, this brief details:

• The Healthcare Sector’s Adversaries (script kiddies, hacktivists, cyber criminals, cyberterrorists and Nation State Actors)

• A Multi-Pronged Approach to Meaningful Cybersecurity (people, policies & procedures and technical controls)

• Healthcare in a Digital Age (IoT, sensors, telehealth, remote monitoring, behavior modification devices, embedded devices, mobile applications and data sharing in the Cloud)

• Legislation & Collaboration (21st Century Cures Act, telehealth solutions for veterans, telehealth access expansion, prescription drug monitoring, EHR interoperability, mHealth IRB)

• And much more

Institute for Critical Infrastructure Technology

icitech.org