Company Benefit

Employee Benefit & Consumer Driven Healthcare

Please Share the News & Follow Us.

RSS
Follow by Email
Facebook
fb-share-icon
Twitter
Tweet
LinkedIn
Share
  • Home
  • News/Articles Library
  • Benefit Plan Types
    • Flexible Benefit, Cafeteria Plans, & Tax Advantaged Plan Options
    • Health Reimbursement Arrangements (HRAs)
    • Health Savings Accounts (HSA) Implementation
    • Commuter Company Benefits
    • Employee Benefit Plan Type Comparison
    • Employer Benefit Plan Eligibility Requirements
  • Contact Us

Sen. Angus King shares healthcare security takeaways from Cyberspace Solarium Commission

12/11/2020 By Benefit News

“The reality is that we are dangerously insecure,” reads the introduction to the report released earlier this year from the bipartisan national Cyberspace Solarium Commission. “Your entire life – your paycheck, your healthcare, your electricity – increasingly relies on networks of digital devices that store, process, and analyze data. These networks are vulnerable, if not already compromised.”

In healthcare, as the most targeted industry, we already know that of course. But nationwide, the stakes are even higher.

“Our country has lost hundreds of billions of dollars to nation-state-sponsored intellectual property theft using cyber espionage,” according to the report. “A major cyberattack on the nation’s critical infrastructure and economic system would create chaos and lasting damage exceeding that wreaked by fires in California, floods in the Midwest, and hurricanes in the Southeast.”

At the HIMSS Healthcare Security Forum on Tuesday, Senator Angus King, I-Me., who co-chaired the Cyberspace Solarium Commission (which issued a 200-page report offering more than 80 recommendations toward a multi-layered national cyber defense strategy), said the federal government has to do much more.

But that doesn’t absolve healthcare organizations in the private sector from their own responsibilities as phishing campaigns proliferate, ransomware attacks reach a fever pitch and nation state actors take aim at the COVID-19 vaccine supply chain, he said.

“The pandemic has taught us two important lessons in the healthcare field,” said Senator King in his keynote.

The first is that “the unthinkable can happen,” he said. “A year ago, none of us would have been talking about wearing masks, social distancing, and hundreds of thousands of people dying. I mean, it was literally unthinkable to have this tragedy occur. Well, a cyberattack is unthinkable, too, but the pandemic taught us that the unthinkable can happen.

“The other thing this has taught us is how important telehealth is,” said King. “In the first weeks after the onset of the pandemic, telehealth visits went from 12,000 a week to a million a week across the country.”

That’s great for enabling care delivery in the midst of a pandemic, but that raises new issues, he said.

“Who thought before that a home router was a security risk, was something that we needed to worry about, because a lot of the telehealth is not from remote facilities to the hospital, but from the home to the hospital or the healthcare provider. All of a sudden, the connection into the home and the router in the home, and all of the infrastructure is also at risk.”

(As an aside, King said that one of the “number one priorities coming out of this, in terms of the economy and infrastructure, is broadband. It’s got to be ubiquitous and it’s got to be affordable.”)

When it comes to cybersecurity, in the healthcare sector and beyond, “unlike many other national security threats – terrorism, for example – this is not a strictly government function,” said the senator. “In fact, it’s not even a majority government function: 85% of the target space for cyberattacks are in the private sector. That’s where we’re vulnerable.”

So there has to be a much closer connection between the private sector and the government, he said.

“And that means reporting. That means sharing information. That means developing relationships of trust. You have to trust that when you report to CISA, you’ve got to be able to have confidence that that will be acted upon and that the information you share will help to protect others.”

The government can “write laws, set up joint reporting systems and all of those kinds of things – which we have recommended in our Solarium Commission report,” he said. “But it’s also got to be more intangible in terms of trust and confidence and sometimes unaccustomed close relationship between the private sector and the public sector, because that’s the only way we’re going to be able to defend ourselves.”

As the government gears up to develop a more comprehensive strategy, the healthcare industry has some steps it can take on its own, said King:

  • Go to the cloud. “In our report we recommend cloud-based systems because it’s a lot easier to have a really strong and important security at one place in the cloud, rather than rely upon the security arrangements of hundreds or thousands of different individuals. If you’re on the cloud, you have less of a risk for ransomware attack because you can download your data that otherwise would be held for ransom by an attacker. So the judicious use of the cloud, I think, is one of the important things that we can do.”
  • Always patch. “It seems pretty basic. But I’m sure many of you … sometimes pull out your hair when the patching doesn’t happen on a timely basis. You’ve got to go and make that happen.”
  • Share information. “If your entity is being attacked, chances are someone else already has been or will be in the future. And to the extent we can share information through CISA, through other government organizations, through your national organizations, that could be very helpful. It can help you, but it also can help prevent serious attacks to your colleagues at some later date.”
  • Prioritize basic cyber hygiene. “I can’t remember the exact figure we were given during our deliberations in this area, but some huge number – 85 to 90 percent of malicious cyberattacks – can be prevented by good ol’ cyber hygiene: educating your workforce not to click on phishing emails; checking on the background of people that you don’t know that are trying to penetrate your system; being very careful about opening attachments.”

Meanwhile, on a larger scale, the U.S. government absolutely has a responsibility to develop a better overall national cyber strategy, he said.

“Part of the failure of our strategy thus far has been a lack of a real deterrent, a lack of something that our adversaries feel is something they have to worry about. I want a group of people sitting around in the Kremlin saying, ‘Well, maybe we shouldn’t attack the next American election because we know they’re going to respond. We know it’s going to cost us something. Historically, there hasn’t been much of a cost paid by our adversaries.”

Cyberattacks are inexpensive for foreign bad actors to perpetrate, he pointed out.

“I once did a calculation that Putin can hire 8,000 hackers for the price of one jet fighter.” said King. “There’s got to be a cost imposed in terms of a response. And we’ve got to have a deterrent capability. That’s one of the major recommendations of our Solarium report. That’s what we’ve got to do in order to protect you on the national level.”

No question, this is a fraught new era.

“It is an incredibly serious and dangerous risk to the United States and to your critical and important and essential institutions throughout the country,” said King. “You have an important role in protecting your institutions. The government has a role to assist you in that. And if we all work together, we can minimize this risk.”

Twitter: @MikeMiliardHITN


Email the writer: mike.miliard@himssmedia.com


Healthcare IT News is a HIMSS publication.

Taking Stock of Progress and Looking Ahead

This December, we look back at a challenging year – and forward to what we hope is a better, stronger, more connected and resilient healthcare ecosystem.

Read More

60

SHARES
facebook Share on Facebook
Twitter Tweet
Follow Connect on LinkedIn
custom Share
custom Share
custom Share
custom Share
custom Share

Filed Under: Benefits Updates

Get alerts & updates via. email.
Error occured. Please confirm your data and submit again:
companybenefit.com virus updates

Breaking Health Updates:

UK’s Integumen Unveils Prototype COVID-19 Breath Test

LONDON (Reuters) - Integumen, a British … [More...]

Becton Dickinson Reaches $60 Million Settlement Over Pelvic Mesh Devices

NEW YORK (Reuters) - Becton Dickinson and Co … [More...]

Birx: Not Considering Leaving Coronavirus Task Force

Editor's note: Find the latest COVID-19 news … [More...]

COVID-19 LIVE UPDATES: Kansas reports 262 new cases, while Missouri adds 211 on Wednesday – KMBC Kansas City

The Kansas City metro has emerged from … [More...]

Experts suggest improving ventilation may reduce coronavirus spread – CBS News

A study finds that improving ventilation can … [More...]

All Coronavirus Posts:

Robot That Can Perform ‘Supermicrosurgery’ Passes First Test in Humans – Gizmodo

The MUSA robotic platform, developed by MicroSure. Image: MicroSureA surgical robot capable of reconnecting vessels with diameters as tiny as 0.3 millimeters has been tested on human patients, and the results are promising. New research published in Nature Communications describes MUSA—the first robotic system designed exclusively for performing reconstructive supermicrosurgery. Using the system, surgeons were able to reconnect vessels with diameters between 0.3 and 0.8 … [Read More...]

Updates & Alerts

Get alerts & updates via. email.
Error occured. Please confirm your data and submit again:

Are you Aware of Transit Benefits?

Commuter Company Benefits

Transit / Transportation Company Benefit Up to $260/month* for transit benefit expenses The Commuter Transit Account / Transportation company benefit is a pre-tax benefit account used to pay for public transit—including train, subway, light rail, bus, and ferry—as part of

breakdown of benefit options:

Employee Benefit Plan Type Comparison

Flexible Spending Account, Health Reimbursement Arraignments, & Health Savings Account Comparison The chart below is a brief comparison of the various components of each of these important health care options. Description FSA HRA HSA History IRS Code … more

Savings

Employee Benefits and Tax Savings

Benefit to Employee HOW DOES THE EMPLOYEE BENEFIT? The employee can choose to participate in the plan or not. If the employee participates in the plan part of his/her taxable wage is converted into tax-free benefits. This can be a big tax savings for the employee and … more

Copyright © 2021 · CompanyBenefit.com · Log in

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.acceptread more

Terms and Conditions - Privacy Policy