4 questions for every healthcare CTO

The healthcare industry is under cyberattack. Are you prepared?

by AT&T Business Editorial Team

You already know that the healthcare industry is under attack by hackers and other bad actors. In fact, there is undeniable evidence that this is the case. Yet there is still a surprising disconnect between how well healthcare leaders and their IT gatekeepers believe their organizations are prepared to stave off attacks.

According to a recent study from AT&T, 60% of C-level executives feel that the security solutions already in place are keeping them safe. But only 29% of IT security staff feel the same sense of security.

It’s time for healthcare leaders to pay attention … or pay the price. CSO puts the average cost of a single ransomware attack at $5 million. The reputational risk is even greater: Aetna’s Health Ambitions Study showed that healthcare consumers prioritized data security even over the cost of care.

Here are some questions industry leaders need to ask their IT gatekeepers to help them get on the same page:

1. How do we currently identify cybersecurity threats?

“The harsh reality is that no number of security systems can stop an attack; they can only reduce the risk. The severity of an attack is therefore determined by how quickly a company can detect and respond to threats as they occur.”

–Barmack Meftah, President of AT&T Cybersecurity Solutions and CEO of AlienVault

Most enterprises have come to understand the importance of addressing Internet security on a threat-by-threat basis. The question is how well a company uses the security information and event management (SIEM) tools at its disposal. A SIEM platform correlates the many contributing behaviors and activities that may indicate a security threat in order to discover the true source of that threat. But each organization must still hold itself responsible for establishing a non-siloed organizational structure, and for dedicating resources to its security operations activity.

2. How and when during implementation does our security team get involved in the deployment of emerging technology, such as Internet of Medical Things devices and equipment?

Digital transformation has created countless efficiencies and revenue streams, but it has also created more opportunities for hackers to gain access to mission-critical systems and valuable patient data.

Healthcare at large has grown ever more reliant on wearable tech, cloud computing, industrial devices, and other IoMT applications. To manage every aspect of a network, proper controls must be incorporated. But these controls don’t necessarily work on all endpoints, such as IoMT devices, so organizations must be proactive and build edge-to-edge security in one step earlier, in the design of the network itself. And while organizations have learned to trust algorithms to interpret and apply their data, these systems and their code must be monitored frequently; otherwise they may be compromised.

3. Which elements of human security does our organization test?

“In my opinion, users are the weakest link,” says the IT director for a mid-sized company, in the latest AT&T Cybersecurity Report. “I see this over and over again. The spam, the phishing schemes, they get more intelligent and better every day. People are busy, and not thinking about security.”

Data supports this IT director’s opinion. Employees are not only highly susceptible to cybercrime; they also perpetrate crimes themselves. The AT&T Cybersecurity Report also reveals that new IT policies contribute to the lack of preparation for security incidents. For instance, many companies implement new cloud computing initiatives or adopt new user controls without adequately building the foundations and training employees effectively. This can lead to a lack of awareness, user errors, and even software installed without the right security settings, opening the company up to threats from the start.

4. How frequently does our organization perform IT penetration testing?

A penetration test, also known as a pen test, is a simulated cyberattack against an organization’s computer systems to check for exploitable vulnerabilities. This important exercise can show decision makers why they must share responsibility for the company’s cybersecurity. While cybersecurity has traditionally been viewed as an IT issue, in our digitized world overworked IT departments are less and less adequately prepared to tackle cyberattacks head-on. C-suite decision makers and IT gatekeepers must work together to eliminate silos and prioritize collaboration, so that business operations are transformed with cybersecurity integrated not only at the endpoints but within the network itself.


Healthcare companies must acknowledge that a single attack could compromise the security of their EHRs and thus their credibility and sustainability. Only through self-assessment and practical implementation can your organization establish a well-executed vulnerability threat management program, the bedrock of a strong security risk management strategy. To better understand your organization’s risk level and obtain practical next steps, take this eight-question cybersecurity risk & readiness assessment.