As hospitals become increasingly interconnected, cybersecurity challenges are evolving rapidly, that's why New York City-based Montefiore Health System's CIO is looking at other industries for cyber strategy.
"Hospitals are more connected than ever — everything from medical devices to patient records uses the internet," Deepesh Chandra, CIO of the health system, told Becker's.
While this connectivity enhances care delivery, it also increases vulnerability to cyber threats like ransomware and phishing, which have increased across industries. For instance, a Microsoft report found a 300% increase in ransomware attacks since 2015, with healthcare being among the most affected sectors.
To address these risks, Montefiore is adopting a multi-faceted strategy that includes staff training, vendor vetting, and building resilient technical infrastructure. But Mr. Chandra is also drawing on insights from other industries.
"We're also looking to other industries like finance and transportation, who've been dealing with these threats longer, to adopt best practices and stay ahead of potential risks," Mr. Chandra said.
He emphasized that healthcare can't operate in isolation; it must continuously assess how other industries protect their systems and apply those lessons internally.
"Like our counterparts across other sectors, we've implemented robust authentication methods, strong data protection and encryption practices, learned how to manage vast amounts of user data while maintaining security, and built in protections to increase our resiliency in the event of data disruptions," he said. "Additionally, we're exploring ways to build modern redundancies and faster recovery of infrastructure in the event of an outage."
Looking ahead, Mr. Chandra believes predictive analytics and automation will play a crucial role in both cybersecurity and patient care.
"For cybersecurity, AI can help us identify potential threats before they happen, giving us an edge in preventing attacks," he said.