Cybersecurity skills needs in the health sector
Cybersecurity has become vital for the healthcare sector. The very nature of medical data means that health infrastructure is probably the most vulnerable to cyber incidents. This constitutes huge value for cybercriminals because it contains sensitive information about people and their health condition. In a case of a ransomware attack, hospitals simply could not afford not to pay criminals — they would be obliged to protect the lives of their patients. So what are the cybersecurity needs of the health sector, what could help it overcome these challenges?
With the adoption of digital identities allowing all personal information to be stored in one place it became evident that all our data will soon go online, including health records. But the amount of health data that can be exposed electronically and access to it is not yet regulated. Very often sensitive personal information reaches third parties without people knowing where exactly it goes and who can view and use it.
This issue is not only a technical, but also an ethical one, and citizens should have a say in addressing it. That is why it is important to come up with a system that can allow us to keep control over health data and regulate access to it, said Serge Droz, Senior Advisor Cybersecurity at the Swiss Federal Department of Foreign Affairs, speaking at the European Cybersecurity Skills Summit Week 2022 organised by the Youth IGF.
The need for cybersecurity professionals in the field of healthcare is another important issue. There is a broad range of skills lacking here. Firstly, the sector is in need of people with a technical understanding, in order to handle health data and protect health infrastructure from cyberattacks. Secondly, professionals with a legal and policy background would help to approach health data management from a regulatory perspective.
“We lack people who can move between the two worlds,” said Droz, underlining the necessity to develop and promote cross-sectoral skills.
A devotion to life-long learning would allow cyber professionals to constantly hone their skills in different fields and combine them in order to successfully solve cybersecurity issues.
Finally, social skills are of utmost importance for cybersecurity workers. In the event of emergencies and cyberattacks, an immediate cooperation between government agencies and hospitals must come into place, according to Droz.
“In security things have to go quickly, and you have to be able to talk to others,” he says.
Cyber specialists should then become a focal point and communicate problems to other departments. Better communication and information sharing would allow the health sector to eliminate cybersecurity risks much more efficiently.