TBW ADVISORS LLC

Tag: deploy automation

  • Whisper Report: What are the best practices for enhancing cybersecurity in healthcare?

    Whisper Report: What are the best practices for enhancing cybersecurity in healthcare?

    Whisper Report: What are the best practices for enhancing cybersecurity in healthcare?

    Published to clients: June 18, 2025                                                ID: TBW2063

    Published to Readers: June 19, 2025

    Email Whispers: July 22, 2025

    Public & Video Edition: July 23, 2025

    Analyst(s): Dr. Doreen Galli

    Photojournalist(s): Dr. Doreen Galli

    Abstract:

    Cybersecurity in healthcare is responsible for protecting the data that represents the life’s story of patients and infrastructure to enable proper care. Managing and securing the plethora of edge devices and the interoperability of all the technologies is an increasing challenge. There are four steps to take to enhance your healthcare cybersecurity: select a framework, leverage depth in defense, automate where possible, and test your environment.

    Target Audience Titles:

    • Chief Information Security Officer, Chief Information Officer, Chief Security Officer, Chief Technology Officer, Chief Compliance Officer, Chief Data Officer, Chief Privacy Officer
    • VP of Cybersecurity, Director of Information Security
    • Security Architect, Information Security Architect, Network Security Engineer, Systems Security Engineer, SOC Analysts, IAM Specialists, Director of Privacy

    Key Takeaways

    • Device maintenance and interoperability continue to challenge healthcare environments cybersecurity.
    • Four steps to enhance cybersecurity in healthcare environments. Select a framework, leverage depth in defense, automate where possible, and test your solution.

    Tags

    cybersecurity, privacy, healthcare, healthcare technology, health tech, HIMSS, HIPPA, medical devices, edge devices, IoT, depth in defense, automate, integration, cybersecurity frameworks, Evidently, Hal Wolf, Kai Romero, Brennen Reynolds, Absolute Security, Alexander Group, Trey Chamberlin, Aisera, Daniel Carvajal Marin

    What are the best practices for enhancing cybersecurity in healthcare?

    We took the most frequently asked and most urgent technology questions straight to the health systems technology experts gathering at the Healthcare Information and Management Systems Society (HIMSS) 2025 Global Health Conference and Exhibition or HIMSS 25 for short. This Whisper Report addresses the question regarding the best practices for enhancing cybersecurity in healthcare. Given that data breaches in 2024 affected 1 in 2 American’s health records, cybersecurity is top of mind in healthcare1. But healthcare data is not your shopping data, it represents much more. As Evidently’s Kai Romero shared, “the narrative Arc of who they are how they’ve suffered, how they’ve overcome the illnesses that they’ve experienced, you can’t treat that lightly … this is their life.” But there is a reason for concern in healthcare. For those unfamiliar, Russia has been found the source of ransomware attacks on the healthcare industry2. As HIMSS Hal Wolf shared, “security is a major issue our own the federal government the United States just announced that they were bringing down cyber security blockage or fundamentals against another foreign country recently that was yesterday.” There is no indication that the cyberattacks on healthcare will stop, just an announcement that the government is no longer stopping such attacks.

    Where are the vulnerabilities?

    Understanding that healthcare data represents the whole person and their life, where are the vulnerabilities coming from in the healthcare environment? Examining the source of the security vulnerabilities can offer insights to the efforts to defend and protect this valuable healthcare data. Turns out there are two large sources of vulnerabilities.

    Device Maintenance

    First, devices in the healthcare environment itself are an issue. As we discussed in Whisper Report: How can AI be effectively integrated into healthcare systems?, many devices on site are old. They may not have over the air (OTA) updates, may require human in the loop to update. As Absolute Security’s Brennen Reynolds stated, “any given organization that man that has our technology about 15% of the devices that are being manually managed have some missing critical security control which increases their risk to either an operational outage or a cyber event like Ransomware.” It may sound like simple advice you have heard a million times, but keeping your equipment up to date with the latest software and security patches is simply critical.

    Interoperability

    Healthcare creates complicated environments full of an array of diverse vendors. Somehow these vendors and their technology – or more specifically – the diverse array of data about the patient derived must interoperate. Not just interoperate, the data must come together to provide a picture of the patient for the practitioner. Unfortunately, as Alexander Group’s Tray Chamberlin pointed out, “a lot of interoperability issues and leaks.” Getting the technology to work together is so difficult in and of itself, the process created that ‘works’ may not be a secure solution. It is critical that during any interoperability project that protection of the data in the processes is the first a priority. Furthermore, the integration architecture and solution must      be examined at a detailed level to understand and identify any potential leakages created in the process.

    Solutions

    Organizations concern about security in healthcare technology is not going to go away. Per HIMSS’s Hal Wolf, “this is going to be the coinage of which we really improve Healthcare is information (and) information comes from data the data will be unprotected so .. it is why it (cybersecurity) is one of our (HIMSS) four focus points.. at HIMSS (25) digital Health transformation, AI, cyber security, and Workforce Development.” Information is how we improve care, thus information is the goldmine of healthcare. Figure 4 depicts Four Steps to Enhance your Healthcare Cybersecurity.

    4 steps to enhance healthcare cybersecurity 1. Select Framework 2. Leverage Depth of Defense 3. Deploy Automation 4. Test!

    Select Framework

    Through the various conversations while conducting this research, it became very clear that each organization has their own framework to guide their cybersecurity program. When selecting amongst the frameworks, ensure these common characteristics are present.

    • It should be 100% restricting while enabling productivity.
    • Needs guardrails and controls
    • It should be deliberate and intentional with how it handles your assets.

    Leverage Defense in Depth

    Regardless of where the technology is used within healthcare, certain security practices should be consistent. As Evidently’s Kai Romera shared, “some of the same things that we use in the clinical setting to protect patient data whether that’s logging out of a screen pretty quickly after it’s not active or you know taking away the protected patient information so that anyone who’s looking at the screen would not know who that patient was you want to know that they’re employing those things because this (is) patient data.” Understanding no single method covers all scenarios, it is good to use every method available when possible. For example, clinical data masking technology and standards can easily be applied to the terminals used at the front desk and billing as well.

    But data masking is not just useful at the terminal level. As Aisera’s pointed out, regarding you agentic AI solutions, we can do everything from masking PII for mask any personal data “architecture that’s going to keep your data private data privacy is probably the most important thing especially when it comes to healthcare right .. but also how it is stored right even in our cloud approach” our customers get the unique architecture so when you’re training the LLM you’re not trained in our models.”

    Deploy Automation

    Many shy away from automation, but as we pointed out in Conference Whispers: Black Hat USA 2019, a ransom ware attack can take down an organization in 30 minutes. What human on call can get notified, get online and stop an attack that fast? Furthermore, as Absolute Security’s Brennan Reynolds shared, “topic of automation there’s just too many things to be done in a day to allow and require humans to be doing all of the maintenance and management task so if the it devices across their organizations whether you have a th000 devices 10,000 or a million devices you’re never going to have enough staff to manually execute tasks to keep those devices safe and secure.” Thus it is physically impossible to stop many attacks or even simply update all the devices on site without automation.

    Test!

    Regardless of the care taken, it important to review the architecture and test the system. As Alexander Group’s Tray Chamberlin explained, “make sure that it’s not just we want this system we want to stand it up and we want the functionality but also going through the paces and testing and making sure that is playing nice but also doesn’t open up a new vulnerability within your system going forward.” A system that simply works is not the goal. Rather, a system must work and be secure, resilient, and hardened against attacks including its integration points is the minimum standard.

    We will close with remarks by HIMSS’s Hal Wolf, “ I think cyber security is going to continue to be at the Forefront of our thoughts whenever you’re dealing with data and information they are going to be bad actors… HIMSS is focused on cyber security we have cyber security forums (and) there are cyber security events taking place.”

    *When vendors’ names or quotes are shared as examples in this document, it is to provide a concrete example of what was on display at the conference or what we heard doing our research, not an evaluation or recommendation. Evaluation and recommendation of these vendors are beyond the scope of this specific research document.

    Related playlists

    1. Whisper Report: HIMSS: Question 1: How can AI be effectively integrated into healthcare systems??
    2. Conference Whispers: HIMSS 25

    Corporate Headquarters

    2884 Grand Helios Way

    Henderson, NV 89052

    ©2019-2025 TBW Advisors LLC. All rights reserved. TBW, Technical Business Whispers, Fact-based research and Advisory, Conference Whispers, Industry Whispers, Email Whispers, The Answer is always in the Whispers, Whisper Reports, Whisper Studies, Whisper Ranking, The Answer is always in the Whispers, and One Change a Month, are trademarks or registered trademarks of TBW Advisors LLC. This publication may not be reproduced or distributed in any form without TBW’s prior written permission. It consists of the opinions of TBW’s research organization which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, TBW disclaims all warranties as to the accuracy, completeness or adequacy of such information. TBW does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by the TBW Usage Policy. TBW research is produced independently by its research organization without influence or input from a third party. For further information, see Fact-based research publications on our website for more details.