
Healthcare Cybersecurity: Fighting Phishing with Employee Education

April 4, 2019 DRI Admin

Want to reduce your organization’s risk of cybersecurity incidents? The key is educating employees before bad habits set in, according to new research.

The healthcare sector is particularly susceptible to phishing attacks because high employee turnover leads to an influx of new staffers without previous cybersecurity training, says a new report from the Journal of the American Medical Association.

Studying six diverse healthcare organizations from 2011 to 2018, researchers simulated 95 phishing campaigns, sending about 3 million emails to the organizations’ employees. The result: employees opened 422,062 malicious emails – about 14%. Personal emails were the most significantly associated with increased click rates.

But the researchers also saw a pattern: the more phishing campaigns they launched, the lower the click rates dropped, suggesting that employees became more aware of the threat and less likely to engage. Because of this, the researchers encourage organizations – particularly in the healthcare sector – to develop dedicated training to increase employee awareness.

Employee turnover isn’t the only reason healthcare is particularly vulnerable. The researchers also warned of “significant end point complexity,” noting:

“Every employee smartphone that is connected to the network is a potential risk, as are other networked devices. Hospital information systems are highly interdependent. An EHR is dependent on a laboratory information system to display clinical results.”

DRI can help your organization become more cyber-aware with its new Cyber Resilience for the Business Continuity Professional (CRLE 2000) course. More than just another statement of the problem, CRLE 2000 is an information-packed four-day experience that will provide an understanding of how to address cyber disruptions within a business continuity framework. You’ll discover how business continuity and cybersecurity must integrate within every organization, using the five elements of cyber resilience: prepare/identify, protect, detect, respond, and recover.
