Ethical hackers are becoming crucial allies in the battle against healthcare data breaches and ransomware attacks. In the twelfth episode of Sheppard Mullin’s Health-e Law Podcast, Ilona Cohen, Chief Legal Officer and Chief Policy Officer of HackerOne, delved into the pressing issue of cybersecurity in the healthcare sector and the pivotal role that ethical hacking may play, with Sheppard Mullin’s Phil Kim, Sara Shanti, and Michael Sutton.
The Rising Tide of Cyber Threats in Healthcare
Cohen provided a fascinating overview of the healthcare cybersecurity landscape, highlighting the dire consequences stemming from data breaches and the real-world impact of such breaches beyond theft of data, which can profoundly affect patient trust. The healthcare industry is increasingly finding itself at the crosshairs of cybercriminals, with data breaches and ransomware attacks becoming disturbingly common and the price tags for addressing and resolving such events continue to rise. Such concerns serve as a harrowing reminder of the vulnerability of healthcare infrastructure and the urgent need for proactive security measures, particularly as attempted data breaches and ransomware attacks will likely only increase in the days ahead.
The Case for Ethical Hacking
Ethical hacking, as Cohen explained, leverages the craft of highly skilled cybersecurity experts to identify and rectify vulnerabilities within a system, before malicious actors can exploit those vulnerabilities to cause data breaches. HackerOne’s success stories, including the notable “Hack the Pentagon” program, which amassed reports of over 50,000 vulnerabilities, underscores the potential effectiveness and necessity of such initiatives. However, despite its proven benefits, adoption of these strategies has been slower in the healthcare industry compared to other fields. Cohen contends that overcoming this hesitancy will be critical for the ongoing success of ethical hacking, particular in the healthcare industry.
Healthcare Needs More Hackers
Ultimately, Cohen champions the idea that the healthcare industry needs more ethical hackers in an effort to help prevent data breaches. The narrative around hacking often conjures images of nefarious activities, but as Cohen highlighted, ethical hackers can be invaluable allies in the fight against cyberattacks. In particular, ethical hackers can offer unique perspectives and skills that significantly enhance the security posture of healthcare entities by exposing vulnerable areas before they can be exploited in a cyberattack.
The Bottom Line
With cyberattacks increasingly targeting the healthcare industry, there is a desperate need for urgency in addressing cybersecurity and related vulnerabilities. The insights shared by Cohen serve as a wakeup call to the healthcare industry to consider ethical hacking and other innovative cybersecurity measures. Despite the promise of ethical hacking, challenges remain with respect to adoption in the healthcare setting. It will be more important than ever to carefully navigate these hurdles, particularly in the highly regulated healthcare industry.
To listen to this episode, click here.