Security Threats in Healthcare Did you know that cybersecurity attacks are costing healthcare organizations millions of dollars each year? For healthcare providers, one of their main goals is to ensure improved patient healthcare. With the significant rise of cyberattacks and the rapid growth of healthcare technology and medical devices, healthcare providers are facing cybersecurity issues. That saying, healthcare providers have to focus on cybersecurity prevention, protection, and compliance. There are quite a few reasons why the healthcare industry has been one of the most highly targeted industries over the last few years. One of the reasons is healthcare providers store millions of health data records in an electronic form, in fact, in the year of 2015, over 110 million breaches have occurred (Cabrera, 2016, p. 1). Furthermore, healthcare patient information and financial data such as protected health information personal data and health records are being exposed to cybersecurity threats. Researchers suggest that the healthcare industry is quite behind on cybersecurity which is a factor that comes into play regarding the significant number of attacks. When healthcare providers decided to implement healthcare technology which allowed them to move healthcare information online, they failed to implement effective risk management strategies to prevent cyberattacks. Cabrera (2016) suggested that the healthcare providers were more focused on how the new technology affects patient care rather than taking the proper preventative measures that are required when implementing technology. In addition, Cabrera (2016) implies that cyber threats are more likely to occur when new technology is first implemented. Taking the additional steps to ensure that patient information is safe is also a form of protecting patients. Patients do not expect their information to be exposed or stolen on behalf of the healthcare provider (Cabrera, 2016). As a final point, implementing cybersecurity tools, risk management strategies, and cybersecurity employee annual training is necessary for the healthcare industry. Patient information is sensitive data that must be properly secured so that cyber-attacks will be less detrimental. Cyber professional healthcare workers suggest taking preventative measures in order to prevent critical damage such as patient information breaches, financial theft, and reputation damages caused by cybersecurity attacks. The advances of information technology along with the increase usage of the internet have contributed to the increase in cyberattacks ( Mohammad, Thabtah, & McCluskey, 2015). Problem Statement Cyber-criminals have chosen to target the healthcare industry not too long after healthcare providers decided to rely on the internet to store information and create electronic forms. Healthcare information contains large amounts of data which can be used for the wrong reasons by cybercriminals. However, utilizing electronic healthcare technology has also been beneficial for healthcare providers in which this technology has made it easier to organize, manage, and share information instead of having to solely rely on sorting through paper documents to find information. The use of electronic healthcare technology has become widespread across the healthcare industry and it is known to improve the management of healthcare data and information (Kruse, Frederick, Jacobson, & Monticone, 2017). The underlying issue is not the implementation of healthcare technology, but the lack of planning for the implementation of technology. When healthcare providers decided to implement healthcare technology which allowed them to move healthcare information online, they failed to implement effective risk management strategies to prevent cyberattacks. Likewise, healthcare organizations are at risk of facing cyberattacks because most of the healthcare providers failed to properly plan for technology implementation via risk management planning. Therefore, data and information that is stored on a cloud server and online in general is at risk. Healthcare workers who are sending unsecured medical data and information over the internet are making a risky decision. More than 80% of business leaders have implied that they faced cybersecurity challenges after using the cloud to store sensitive information, but these leaders failed to understand the root cause of the cybersecurity threats. Following this further, the growing use of healthcare technology will require healthcare decision makers to adopt cybersecurity threat methods and strategies to be able to monitor and control unknown and known risks. Cybersecurity threats have caused patient and staff information to be misused. Presently, healthcare executives are creating information security guidelines and policies such as updating the computer systems every so often and requiring staff to update their passwords. Although, using antivirus software is beneficial, it is not sufficient enough to protect sensitive information. Healthcare information must be encrypted and regular risk management assessments must take place so that the designated personnel can respond to security issues and work to improve internal controls ( Atluri, 2018). Cyber Professionals. Cybersecurity professionals in healthcare are critical because someone has to monitor and protect sensitive information. The cybersecurity incidents are continuing to grow and threaten the healthcare industry. Executive personnel are investing a significant amount of money into protecting hospitals’ computer systems. It is an expensive investment being that hospitals are so complex, and the complexity includes the computer network, regulatory policies, and the internal politics (Cabrera, 2016). Cybersecurity professionals are required to understand the organizational politics, regulatory policies, and various healthcare technological applications (Jarrett & Ghaffarzadegan, 2018). These professionals work directly with healthcare technology and understand the effective use of technology. Some of the main benefits of healthcare technology include on-demand training for healthcare providers, improved efficiencies in everyday work, better quality healthcare treatment, and data and information security. According to Herrin (2018), the advancement in healthcare technology results in a decrease in the number of death cases, yet an increase in improvements of healthcare patients’ well-being (Herrin, 2018). Overall, cybersecurity professionals are utilizing cutting-edge technology to help improve healthcare systems (Herrin, 2018). Healthcare providers and cyber professionals must work together so that there is a mutual understanding of what the organization needs. Goal The ultimate goal for healthcare providers is to provide quality health care services by utilizing healthcare technology; if cybersecurity strategies are not properly implemented, then healthcare organizations will have to invest more money dealing with cyber breaches (Herrin, 2018). With more medical devices becoming internet connected and data being transferred in an electronic form, security failures are being recognized. The increase in cyber security is not the key to solving this issue; instead, health decision makers have to figure out how to implement cybersecurity practices and healthcare compliance such as utilizing audit controls. Audit logs are defined as a set of security records that display evidence of consecutive activities and work to reduce security risks. Audit logs are quite common in the healthcare industry in which health care workers rely on audit logs to comply with the Health Insurance Portability and Accountability Act (HIPAA) (Strauss, 2017). HIPAA was established to improve effectiveness and proficiency of healthcare. Health and Human Services (HHS) has implemented national standards pertaining to electronic healthcare while Congress implemented into HIPPA stipulations that mandate Federal privacy protections for identifiable healthcare information. In addition, HHS has set a privacy rule and security rule within HIPPA, the privacy rule sets the national standard for protecting healthcare information for individuals. It ensures that individual identifiable information is protected. Also, three types of entities are included such as clearinghouse, health plans, and healthcare providers conducting transactions electronically. The security rule was established to protect electronic health information by ensuring confidentiality, integrity, and availability (CIA) (U.S. Department of Health & Human Services, 20018) Additionally, healthcare providers can implement the practice of audit controls to monitor information system activities. Audit logs are records of events based on activities that involve the computer systems and user activity. Cybersecurity professionals use audit logs to monitor user activities such as scrutinizing how many times a user accessed information. This is important because healthcare works need to access information that is relevant to their job. Audit controls are important in fact there was a $5.5 million HIPAA settlement due to security issues (Strauss, 2017). Overall, healthcare professionals must establish risk management strategies to reduce the impact of cyber threats. The goal is to protect the organization by analyzing audit log to predict possible threats. Cybersecurity professionals have made use of various techniques to manage cyber-attacks such as monitoring logs and behavioral monitoring. Technical monitoring is advanced monitoring used to analyze critical data; for example, when unauthorized files are copied and or significant quantities are emailed, printed, or downloaded, the technical monitoring tools sends an alert to the designated personnel (Elifoglu, 2018). The use of audit logs work to manage security threats and secure sensitive data to manage threats caused by cyber-attacks. When healthcare organizations face damages due to cyber-attacks, resolving the problem and working to restore data becomes costly. Using audit logs is a risk/threat management strategy to mitigate and manage risks and threats. Healthcare providers who plan on depending on technology must implement a plan to not only secure their network, but also protect the organization’s data against theft, malicious malware, viruses, worms, and anything that can cause damage to their organization due to cyber-attacks. The effects of cyber-attacks are long-lasting (Elifoglu, 2018). Relevance and Significance In regards to the relevance of security threats in the healthcare industry, healthcare providers incorporated information technology applications and practices due to the need to be able to quickly access patient information. This matter is essential so that healthcare workers can use the information to obtain a full understanding of the patient’s background, without having delays due to misplacing important documentation (Herrin, 2018). Healthcare executives have developed the practice of moving medical data and information onto an online storage database, although, there are risks that need to be managed before and after the migration of sensitive information. Researchers suggest that utilizing cyber security software, equipment and strategies are beneficial. These strategies will reduce costs that are related to cyber-attacks; taking preventative measures will save money versus having to pay to fix the damages. With the advancement of technology, cyber-attacks are more prevalent and continue to grow in the healthcare industry. Hackers are becoming more sophisticated with their methods to gain access to personal information to be able to execute cyber-attacks. Vulnerabilities put healthcare organization’s entire computer systems at risks. Literature Review Once healthcare providers decide to adopt security threat preventative measure practices then the implementation stage begins. Vulnerabilities put healthcare organization’s entire computer systems at risk, therefore, vulnerability scans and assessments are used to mitigate vulnerabilities. Cybersecurity professionals are using vulnerability scans to detect weaknesses in computer systems for healthcare organizations. These scans are designed to run from the end point of the computer system to detect threats and vulnerabilities which turn out to be an effective threat management strategy. However, cybersecurity professionals must be aware that vulnerability scans can be risky at times. Sometimes vulnerability scans run intrusive codes on the computer system which can cause errors. For the most part, vulnerability scan are effective. Vulnerability scan can be used to find, define, categorize, and prioritize vulnerabilities on computer systems (TechTarget, 2018). Similarly, vulnerability assessments are also vulnerability management tools that are automated testing tools used to recognize threats. Vulnerability assessments are able to detect several types of cybersecurity threats; these threats not only impact the healthcare providers and personnel within the organization, but also the patients. There are many tools that hackers are using to execute their attacks in hopes of gaining financial information, intellect information, or any other type of sensitive information used to carry out these attacks. Cybercriminals are becoming more strategic with their methods to illegally gain access to healthcare information. Healthcare organizations must protect their data and information. Healthcare organizations must ensure that all employees have a basic understand of types of cybersecurity threat (TechTarget, 2018). Below are types of cybersecurity threats that healthcare organizations may encounter: Phishing. Phishing is a very common technique used to steal personal information, but specifically employee information with healthcare organizations. The phishing technique is a social engineering tactic used to get someone to share personal information through manipulation. For instance, a hacker might design a website that is used to impersonate an official website such as Sentara Employee website in order to gain access to employee information to get access to patient information. If encrypted emails are not used to share patient information or financial information via email, then it will be easy for the hacker to steal sensitive information that is not supposed to be shared with the public. Some precautions that personnel must take are to ensure that the website is secured and official before using their login or password. Additionally, a phishing attack can start with something as simple as an email being sent. Within the e-mail, the cybercriminal might ask the computer user to provide or update their information by following an URL link in the e-mail ( Mohammad, Thabtah, & McCluskey, 2015). Denial of Service (DoS). The Denial of Service (DoS) attack flood computer systems with data packets. The cybercriminals’ goal is to use specialized software to overload the computer system so that they can gain access to specific information. A DoS attack is difficult to mitigate being that multiple attacks can occur concurrently. The cybercriminal uses Botnets to scan the computer system and then the hacker takes full control of the computer system. Healthcare providers can reduce DoS attacks by ensuring that the firewall is up-to-date and turned on. Personnel can help take precaution by staying away from unknown websites and refraining from opening emails from unknown individuals (Turban, 2012). Backdoor. Backdoor is a tactic used to install keylogging software. With the keylogging software, cybercriminals can monitor the activity of the computer user and eventually take control of the computer system. With this software, hackers are able to illegally access your computer system. The backdoor tactic is also used to tamper with computer files, steal information, and install unwanted software on the computer system. Once again, opening an email from an unknown person is another way that this tactic is used to install malicious software (Chen, et al., 2012, p. 2). Spoofing. Spoofing is a form of social engineering and it sends out signals to access unauthorized information. Hackers generally use the spoofing tactic by s impersonating another person. It is easier for cybercriminals to impersonate another person via email. They send out an email to the person they are targeting and pretend to be someone else so that they can gain information. Personnel can prevent this from happening by not responding to emails from unknown individuals (Wild, Radu, Chen, & Ferryman, 2015, p. 1). Distributed Denial of Service. Distributed denial of service (DDoS) is used to block the authorized use of information on computer systems. DDoS is a serious threat and hackers have used to method even more so because of its severity. A DDoS is so severe that it can take down all of the service within a company. This attack consists of a hacker or hackers sending multiple requests with a spoofed IP address to reflectors; when this happens, the computer system is flooded. The reflectors within a computer system work to provide legitimate service, but with a DDoS attack it is difficult to identify if the computer system is under attack. Trojan Horse. The Trojan horse malware attack received this name from Greek mythology. When a computer system is infected by a Trojan horse; the Trojan horse hides in the computer system causing severe damage. The damage is done because the computer system is evaded and therefore loses proper functionality. Although the Trojan horse is not as severe as a DDoS, it is more difficult to detect a Trojan horse which means it more likely to stay on a computer system for a longer period of time (Brusco, 2011). Some of the best practices that healthcare providers can adopt include avoiding downloading unknown files, ensuring that the firewall is always turned on, and reporting suspicious activity as soon as it occurs (Brenner, Carrier, & Henninger, 2004). In summary, attempting to avoid all cybersecurity threats is inevitable. Yet, personnel within healthcare can take the proper precautions to lessen these attacks. As stated before, the underlying issue is not the implementation of healthcare technology, but the lack of planning for the implementation of technology. When healthcare providers implemented healthcare technology, they failed to implement effective risk and threat management strategies to prevent cyberattacks. Approach As information technology transforms the way work is done in a healthcare setting, cyber-attacks become more prevalent. The growths of cybercrime are on the rise and taking the most effective approaches is vital. Organizational leaders within healthcare organizations are no longer wondering if a security breach will occur, but instead they are preparing for when the security breach occurs. Cybersecurity is a top priority for healthcare organizations for the sake of keeping the privacy of healthcare and financial information (Honeyman, 2016). Healthcare organizations must have a strategy set in place to defend against cyber-attacks. For the most part, stakeholder and team buy-in must take place to develop an effective strategy. Putting up firewalls, installing anti-virus software, and developing a strategy are not enough. Leaders within healthcare organizations must establish and implement effective internal strategies which require stakeholder /team buy-in. The team must align the organizational goals with the strategy that they plan on using to mitigate cyber threats. After the cybersecurity strategy has been decided on and the goals of the team have been set, then the next step is to put the plan into action by working together. The ultimate goal is to launch a successful cybersecurity and risk management plan (Honeyman, 2016). Next, cybersecurity training needs to happen to put the strategy into practice. The cybersecurity mitigation team must work with a training partner to successfully implement the strategy. Healthcare workers have to understand that maintaining cybersecurity protection goes beyond the cybersecurity professionals. Every healthcare employee must be trained so that they have the knowledge of cybersecurity best practices, so that everyone in the organization can work together to prevent and lessen cyber threats. Part of the risk and threat management strategy is to teach employees to recognize DoS, DDoS, viruses, worms, and other types of cyber-attacks and or social engineering ploys. Being able to recognize internal and external threats so that it can be reported will decrease the amount of damages done by cyber threats. Effective training includes reviewing the importance of making strong passwords, encrypting emails when necessary, securely browsing the web, and proper system configuration; by addressing threats, developing a plan, using best practices, and providing employees with knowledge and information, healthcare providers can mitigate their chances being affected by cybersecurity attack (Honeyman, 2016). Finally, once team buy-in and training is finalized then healthcare decision makers can implement cybersecurity tools and applications to protect healthcare information. The cybersecurity applications will monitor and block unwanted activity on web servers. Cybercriminal will be searching for a loophole in the computer system. Employees who are trained to watch out for social engineering attempts are more likely to take precaution while using the company’s computer and network. Cybercriminals are out to release software bugs in the web server to gain unauthorized access to the web server. The preventative measures taken to reduce the chances of this happening will save healthcare organizations trillions of dollars. According to Cybersecurity Ventures, the costs of cyber breaches can reach up to approximately $6 trillion by 2021. The final stage of the implementation process includes: the cyber infrastructure for healthcare organizations must be designed to secure computer systems from attacks. According to the Advanced Research Projects Agency Network (ARPARNET), information technology security was not one of the major design standards for the IT systems. The healthcare threat security process includes: Identify the problem. Gain stakeholder and team buy-in. Develop a cybersecurity strategy Put the strategy into practice and train the healthcare employees Choose the most effective cybersecurity applications and tools. Conclusion In conclusion, cybersecurity attacks are extremely costly for healthcare organizations. The damages of cybersecurity attacks are projected to cost trillions of dollars for organizations across various industries. Healthcare providers’ main goals are to ensure high quality patient health. There is a significant rise of cyberattacks and rapid growth of healthcare technology and medical devices. Healthcare providers are facing cybersecurity issues. That saying, healthcare providers have to focus on cybersecurity prevention, protection, and compliance. One of the reasons the healthcare industry has become a target include: healthcare providers store millions of health data records in an electronic form. In the year of 2015, more than 110 million cybersecurity breaches have occurred (Cabrera, 2016, p. 1). Healthcare workers such as doctors and clinical social workers need to access patient information quickly. This is essential so that healthcare workers can use the information to obtain a full understanding of the patient’s background without having to worry about searching through paper files to access information (Herrin, 2018). The changes in healthcare practices have contributed to the moving of medical data and information to electronic databases (Atluri, 2018). Keeping that in mind, healthcare organizations are at risk when healthcare providers fail to properly plan for technology implementation. Data is more likely to be comprised when it is send over the internet in an unsecured form. The ultimate goal for healthcare providers is to provide quality health care services by utilizing healthcare technology. However, cybersecurity strategies must be properly implemented to avoid having to invest more money dealing with cyber breaches (Herrin, 2018). With more medical devices becoming internet connected and data being transferred in an electronic form, security failures are being recognized. The increase in cyber security is not the key to solving this issue; instead, health decision makers have to figure out how to implement cybersecurity practice and healthcare compliance such as utilizing audit controls. The healthcare threat security process includes: Identifying the problem, gaining stakeholder and team buy-in, developing effective cybersecurity strategies, putting the strategy into practice and training the healthcare employees, and finally choosing the most effective cybersecurity applications and tools. Taking the additional steps to ensure that patient information is safe is also a form of protecting patients. Patients do not expect their information to be exposed or stolen on behalf of the healthcare provider (Cabrera, 2016). As a final point, implementing cybersecurity tools, risk management strategies, and cybersecurity employee annual training is necessary for the healthcare industry. Patient information is sensitive data that must be properly secured. References Atluri, I. (2018). Smarter Cyber Risk Governance for Health Care in a Digital Transformation Age. ISSA Journal, 1-6. Mohammad, R. M., Thabtah, F., & McCluskey, L. (2015). Tutorial and Critical Analysis of Phishing Websites Methods. Computer Science Review, 1-24. Brenner, S. W., Carrier, B., & Henninger, J. (2004). The Trojan Horse Defense in Cybercrime Cases. Santa Clara High Technology Law Journal, 1-55. Brusco, J. M. (2011). Implementing Safe Computer Practices. AORN Journal, 1-7. Cabrera, E. (2016). Health Care: Cyberattacks and How to Fight Back. Journal of Health Care Compliance, 1-5. Chen, Z., Roussopoulos , M., Liang , Z., Zhang , Y., Chen , Z., & Delis , A. (2012). Malware characteristics and threats on the internet ecosystem. The Journal of Systems and Software, 1-23. Elifoglu, I. H. (2018). Minimizing Insider Threat Risk with Behavioral Monitoring. Review of Business, 38(2), 61–73. Herrin, B. S. (2018). Cybersecurity Risk in Health Care. ISSA, 1-5. Homeland Security. (2015). Cybersecurity 101. Retrieved from National Initiative For Cybersecurity Careers and Studies: https://niccs.us-cert.gov/awareness/cybersecurity-101 Jarrett , M., & Ghaffarzadegan, N. (2018). Cybersecurity in Hospitals: A Systematic, Organizational Perspective. J Med Internet Res., 1-5. Kruse, C. S., Frederick, B., Jacobson, T., & Monticone, D. K. (2017). Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and Healthcare, 1-11. Strauss, L. J. (2017). The Value of Auditing and Audit Controls: Recent HIPAA Settlement Highlights the Importance of Audit Controls . Journal of Health Care Compliance, 43-53. TechTarget. (2018). Network vulnerability scanning. Retrieved from TechTarget: https://searchsecurity.techtarget.com/definition/vulnerability-scanning Turban, E. (2012). In E. Turban, Electronic Commerce: A Managerial and Social Networks Perspective. Upper Saddle River: Pearson Education, Inc. U.S. Department of Health & Human Services. (20018). U.S. Department of Health & Human Services. Retrieved from HIPAA for Professionals: https://www.hhs.gov/hipaa/for-professionals/index.html Wild, P., Radu, P., Chen, L., & Ferryman, J. (2015). Robust multimodal face and fingerprint fusion in the presence. Elsevier, 1-21.