Think your networks are secure?

Article

Now that security and privacy of patient-specific health information are focal points of hospital administration, a sense of urgency affects recruitment of IT security officers and implementation of new security schemes. Qualified IT security talent

Now that security and privacy of patient-specific health information are focal points of hospital administration, a sense of urgency affects recruitment of IT security officers and implementation of new security schemes.

Qualified IT security talent isn't that easy to find, however. Some security experts believe hospitals are taking huge risks by transferring current IT employees into security roles unprepared and unqualified, said Markus DeShon, Ph.D., of SecureWorks, an Atlanta-based company that designs software to protect corporate networks from hackers.

"One of the biggest mistakes companies make is giving the job of IT security to the system administrator, rather than building a dedicated security team," DeShon said.

He suggests that companies often focus too much on hardware and not enough on the expertise of the people protecting the networks.

As if the Health Insurance Portability and Accountability Act alone weren't enough to sharpen healthcare security concerns, the attacks of Sept. 11 have given the entire U.S. economy cause to reflect on just how vulnerable their networks are to cyber penetration, said Tom Turner, vice president of marketing for OKENA, an intrusion prevention company.

Mere intrusion detection is no longer adequate. Prevention technologies that protect IT systems from inappropriate or malicious behavior represent the next frontier for the security industry.

"The security industry has spent 10 years building hundreds of companies that offer detection," Turner said. "We need prevention, especially in the post-Sept. 11 world. Prevention has to be the security industry's mantra."

Defense in depth is the key to securing digital patient data, according to Turner. It is not just the servers in which the data reside that need securing, but also the desktops and laptops that grant access to this information.

"It is also important to provide security that does not rely solely on user authentication," Turner said. "If these controls are bypassed and administrator privileges are granted, then all the data within the system are at risk."

Security officers need technologies that can define how applications can be used and what they can access in order to provide security for data even if someone achieves administrator privilege.

"We see numerous attacks that are not stopped through traditional means," said Pete Lindstrom, director of security strategies for the Hurwitz Group.

This trend is expected to continue. Seeking a proactive solution to prevent attacks instead of reacting after they hit presents a tremendous cost savings for information security budgets, he said.

Recent Videos
Improving Access to Nuclear Imaging: An Interview with SNMMI President Jean-Luc C. Urbain, MD, PhD
SNMMI: 18F-Piflufolastat PSMA PET/CT Offers High PPV for Local PCa Recurrence Regardless of PSA Level
SNMMI: NIH Researcher Discusses Potential of 18F-Fluciclovine for Multiple Myeloma Detection
SNMMI: What Tau PET Findings May Reveal About Modifiable Factors for Alzheimer’s Disease
Emerging Insights on the Use of FES PET for Women with Lobular Breast Cancer
Can Generative AI Reinvent Radiology Reporting?: An Interview with Samir Abboud, MD
Mammography Study Reveals Over Sixfold Higher Risk of Advanced Cancer Presentation with Symptom-Detected Cancers
Combining Advances in Computed Tomography Angiography with AI to Enhance Preventive Care
Study: MRI-Based AI Enhances Detection of Seminal Vesicle Invasion in Prostate Cancer
What New Research Reveals About the Impact of AI and DBT Screening: An Interview with Manisha Bahl, MD
Related Content
© 2025 MJH Life Sciences

All rights reserved.