The healthcare cyber threat landscape will become even more menacing next year, while a continued shortage of cybersecurity resources will make dealing with those challenges increasingly difficult, says Charles Christian, chairman of the College of Healthcare Information Management Executives.
“Our threats continue to grow,” says Christian, leader of the association for CIOs and other health IT leaders, including CISOs. For instance, mega-hacker breaches revealed so far in 2015 by health insurers, including Anthem Inc., Premera Blue Cross, CareFirst Blue Cross Blue Shield, and Excellus BlueCross BlueShield have compromised data of more than 100 million individuals.
Those attacks, and many others, “show we’re all vulnerable,” Christian says in an interview with Information Security Media Group. “We need to stay vigilant and continue to watch the threat environment.”
A lack of resources “and limited staff that can address these issues” makes addressing data breach threats even more problematic, he says. While security tools that can be put into place to help prevent and detect cyberattacks, “there’s also time and energy and human resources that need to be put in front of [the technology] to make sure the wheels don’t run off the wagon,” he adds.
In the interview, Christian also discusses:
- Ways that the healthcare industry can work with the federal government and other sectors to improve cybersecurity;
- Why data breaches often take so long to detect;
- Initiatives planned for 2016 by CHIME, as well as its recently launched subgroup, the Association for Executives in Healthcare Information Security, which helps CISOs collaborate with their peers.
In addition to his role at CHIME, Christian is vice president of technology and engagement at Indiana Health Information Exchange. Before joining the health information exchange organization earlier this year, Christian was CIO of St. Francis Hospital in western Georgia. Earlier, he served as the CIO for Good Samaritan Hospital in Vincennes, Ind., for almost 24 years. In 2010, Christian was recognized by CHIME and Healthcare Information Management and Systems Society with the John E. Gall Jr., CIO of the Year Award. He also served as chairman of the HIMSS board from 2008 to 2009.