Patient adoption of telehealth has skyrocketed from 11% in 2019 to 46% during the COVID-19 pandemic, and providers are reportedly seeing 50 to 175 times as many patients via telehealth than they did pre-COVID. Since rapid, large-scale telehealth use is uncharted territory for many patients and medical staff, security must be top of mind for healthcare organizations. In fact, nearly half of hackers (48%) believe the healthcare industry is the industry most vulnerable to cybercrime during the unfolding global crisis. In such unprecedented times, healthcare organizations must look externally to enhance their cybersecurity posture by leveraging the power of crowdsourced cybersecurity - the use of ethical hackers who are incentivized to search for and report vulnerabilities in the digital assets of a given organization. As we prepare to enhance the digital patient experience, it is important to ensure that healthcare data is secure to ensure both patient trust and safety.
Here are five key use cases where crowdsourced cybersecurity can augment internal security resources within healthcare organizations:
Mitigating medical device risk More than half of healthcare provider organizations lack a strong degree of confidence in their medical device security. Even worse, almost all medical devices are in some way digitally connected to each other -creating a “free-for-all” environment once a malicious hacker compromises a single medical device. This issue has become even more pressing in light of the increased reliance on telehealth during the pandemic.
By leveraging external security research teams, healthcare organizations can use experts with specific skills in IoT and hardware hacking to identify vulnerabilities before cyber adversaries can exploit them. This, in turn, enables healthcare organizations to provide a continuous, robust security posture that helps prevent the compromise of connected digital devices.
Connected infrastructure moving to the cloud IT systems, connected medical devices, digital health applications and electronic patient records all offer immense value to both medical professionals and patients. However, each introduces unique and complex cybersecurity risks, most of which are not able to be quickly addressed as needed by internal security teams.
A crowdsourced cybersecurity approach enables healthcare professionals to assess and mitigate the risks associated with disparate data sources and infrastructure so that patients do not have to worry about the privacy of their data. Unfortunately, patient healthcare records can sell for up to $1,000 on the dark web due to the amount of personal information found within the documents — including a patient’s date of birth, credit card information, social security number, medical history, address and email.
