Should You Perform IT Security Check-Ups Annually or More Often?
Routine physical exams and medical check-ups are among the many good practices to ensure we’re healthy. They’re an obvious measure of how we’re trending on our health goals and give us the opportunity to take action when needed to be on the best path.
Like our personal health, our IT check-ups tell us where we can deliver more, and where we need to change practices to mitigate risks to our business. Sometimes, the corrective actions are obvious, and we can readily address gaps. Other measures require more serious commitments in both budget and effort.
Nearly everyone has some room for improvement to achieve optimal personal health. The same is true for our IT security. Let’s take a look at what research told us last year, as we make plans for the year ahead.
What 2018 Told Us
The 2018 HIMSS Cybersecurity Survey revealed a number of challenges that keep healthcare executives and IT up at night. Here are a few examples:
- One-fifth of cybersecurity incidents are caused by internal user ignorance (non-malicious negligence that can be avoided)
- Most healthcare firms perform risk assessments annually or less often
- Nearly half of industry firms don’t carve out any IT budget dedicated to cybersecurity
- For firms that do set aside an allotment for cybersecurity, the percentage of budget that goes to this piece of the pie varies
It’s no surprise that with the demands of HIPAA compliance and EPHI protection, security is an obvious concern. So, how does your organization establish the right schedule of assessments and budget to mitigate the risk of incidents (risks that come in various forms)?
- Education as part of your risk-mitigation effort is a crucial first step. Focusing on security incidents caused by user negligence is the low-hanging fruit for preventing the most common threats, with phishing as the prime example.
- A good second step may be to review your historical budgets for cybersecurity threat prevention. How have your actuals fared? Have your risk assessments indicated a need for more?
- Finally, ensure you have the right technical and administrative safeguards in place. Our Endpoint Security solutions help covered entities ensure requirements are met and patient data is protected.
Getting Ready for the 2019 Results
Like the extra care we take brushing our teeth the morning of a dental check-up (floss, anyone?), or the healthy diet we undertake in the days before our annual wellness visit with our primary physician, we’re looking forward to results from the 2019 HIMSS survey. In the meantime, come visit the Ivanti booth (#400-26 in the cybersecurity platform) at the 2019 HIMSS Global Conference & Exhibition, February 11-15, 2019 in Orlando, Florida.
Looking forward to meeting you there!