Intelligent Health.tech Issue 07 | Page 18

H E A L T H I N S I G H T S
About signals of a cyberattack , know when one is happening and know how to reduce any risks to patient safety .
Training should include :
1 . Basic cyber-hygiene tips – Including , using strong passwords that are changed regularly , enabling Multi-Factor Authentication and not clicking on unknown links .
Richard Staynings is a globally renowned thought leader , author , public speaker , and international luminary for healthcare cybersecurity . He has served on numerous working groups and boards and has helped governments and private providers formulate long-term strategies and tactical action plans for improved cybersecurity and patient safety across the industry and across the world .
Richard serves as Chief Security Strategist for Cylera , a pioneer in the space of medical device and HIoT security . He is also author of Cyber Thoughts , a leading healthcare cybersecurity blog , and teaches postgraduate courses in cybersecurity and health informatics at the University of Denver , University College .
2 . Awareness – Training employees to recognise the signs of a device that is acting differently from how it should and when it needs to be reported to IT services for review . This should also entail ensuring that medical personnel are well-versed in the risks associated with using these medical devices , such as understanding what a ransomware attack is , what its effects are , how it is initiated and how to respond to unknown emails and steer clear of phishing emails .
3 . Correct processes – Medical staff members should be aware of the proper procedures for safely connecting medical devices to avoid common mistakes like these devices connecting to a public Wi-Fi network .
4 . Clean up – All online-connected medical and IT systems need to be properly maintained and managed in terms of IT hygiene . Requirements for IT hygiene should be flexible .
5 . Incident response plan – In the same way that everyone has a part to play during a fire drill , there should be an action plan in place in the case of a cyberattack .
18 www . intelligenthealth . tech