Improving Health Center Cybersecurity: Risk Assessment, Breach Defense, Mitigation and Response - Session 1
2992
It's time to reconsider your strategy if you still treat cyber risk as an annual project or initiative. Having a thorough ongoing program in place means that even in the worst-case scenario, you'll be ready to demonstrate that you did what was reasonable and appropriate to protect your systems and patient data. Nothing can guarantee that a cyberattack won't become a breach. Health Centers are a domain with a high potential for data breaches, and the risk continues to grow as health centers use new tools and the introduction of artificial intelligence (AI). As a result, it is crucial for health center leadership to adopt breach prevention strategies across their entire organization, as opposed to relegating it to the IT department.
To support health centers in their cybersecurity strategy and implementation, the HITEQ Center is offering a free learning collaborative -- Improving Health Center Cybersecurity: Risk Assessment, Breach Defense, Mitigation, and Response. This learning collaborative will involve four structured virtual learning sessions. During the series participants will engage with subject matter experts and their colleagues in peer-to-peer learning and discussion. Topics will include: health center breach mitigation tactics, operationalizing cybersecurity to better mitigate risks, cybersecurity implications of generative artificial intelligence in health centers, and incident response planning from a cybersecurity perspective.
Session 1: Identifying and Assessing Cybersecurity Risks at Your Health Center
In the kick-off to our cybersecurity learning collaborative, we sought to build knowledge and increase Health Centers' capacity to effectively prepare for and defend against the current onslaught of malware and ransomware attacks being levied against them. Participants looked at ways to build cybersecurity infrastructure through risk management frameworks and strategic risk assessment, with a focus on protecting information across the whole organization.