How Cybersecurity Supports Patient Safety and Reliability of Care During a Pandemic
The pandemic has seen an increase in cybercrime, and cybersecurity has a role to play not just in thwarting attacks but enabling better care.
“Cybercriminals never let a crisis go to waste,” reveals Vugar Zeynalov, Cleveland Clinic’s Chief Information Security Officer. “Cybercrime has dramatically increased during the pandemic, emphasizing the role of cybersecurity in not only protecting our data but also enabling our core mission of caring for people.”
Cleveland Clinic is a non-profit academic medical center. Advertising on our site helps support our mission. We do not endorse non-Cleveland Clinic products or services Policy
“Healthcare workers are physically and emotionally exhausted, and many health systems had to completely transform their technology system to accommodate significantly higher volumes of remote care,” Zeynalov explains. “Cybercriminals see these as opportunities to disrupt and extort health systems that are already struggling.”
What role does cybersecurity—typically tasked with protecting data—play in keeping people healthy during a pandemic? As it turns out, a critical one. Cleveland Clinic’s Cybersecurity team expanded programs during the pandemic to enable patients and caregivers to connect virtually, specifically telehealth, remote access, and peer collaboration. Providing safe telehealth and videoconferencing platforms allows patients to seek care in a safe environment and enables caregivers to help more people while minimizing their risk. During the pandemic, Cleveland Clinic was facilitating 26 times the number of virtual visits than it was before the pandemic. The pandemic led to the largest remote work experiment in history as organizations tried to keep their employees safe. As interactions have become increasingly digital and employees connect work computers to their home networks, Cybersecurity helped extend the trusted and resilient digital platforms into people’s homes.
Cleveland Clinic’s Cybersecurity Operations Center (CSOC) is the nerve center for coordinating and dispatching cybersecurity activities for the Clinic’s hospitals, institutes, and more than 200 facilities worldwide. “The center is co-located with our Global Security Operations so that we can share information and coordinate physical and digital responses to potential incidents,” says Zeynalov. “Live feeds from all our security tools integrate with streaming threat intelligence from our industry partners, law enforcement, and threat analysis services so that we can identify threats early and respond swiftly.”
With 24/7 staffing, the CSOC is prepared to launch an immediate response to a potential cyber event. The center also hosts regular incident response exercises and tabletop events with participants from across the enterprise to ensure safety and reliability of care during an event.
The CSOC is an essential line of defense as cyber criminals use the pandemic as a pretext to conduct their malicious operations. Last year the CSOC saw:
“Traditionally, cybersecurity professionals have said that the most vulnerable element of any system is the human element. However, a well-trained caregiver can be the most versatile line of defense,” Zeynalov explains. “If the caregiver detects something suspicious and reports it, we can act quickly to mitigate the risk. People are great at noticing subtle clues and adapting, which allows them to protect what machines can’t.” Because of this, our cybersecurity team spends considerable time building awareness and educating caregivers about how cyber risk can present itself in their specific roles.
According to Zeynalov, there has been an increase in espionage efforts aimed at coronavirus vaccine research. In addition, fake COVID-19-themed phishing emails, phone calls and text messages are being used to lure victims to visit websites with payment scams and malicious software — all designed to exploit human traits, such as concern and curiosity.
From the beginning of the pandemic, the Cleveland Clinic communications team has been vigilant in curating accurate news and information related to COVID-19. “By providing trustworthy information, Cleveland Clinic is helping its caregivers and patients navigate the complexities of these difficult times while reducing their risk of falling victim to a cyber scam,” says Zeynalov.
Not every cyber threat is preventable. While it’s impossible to predict how a cyber event may unfold, Cleveland Clinic relies on three core pillars to help it recover from a cyber incident or other business interruption that impacts patient care:
While cybercriminals used the pandemic to bolster their targeting of healthcare systems, Cleveland Clinic’s cybersecurity program heeded the call to support patients in a time of great need and caregivers as they battled on the front lines. The pandemic highlighted how important the next frontier of care delivery is; technology can rapidly expand our reach through non-traditional channels that enhance safety and convenience for patients and caregivers. Cybersecurity is how we ensure those technologies are highly reliable so that we are prepared to deliver outstanding care in any situation.