Security News

VMware Joins Intel Health IT Security Readiness at HIMSS17

VMware joins Intel's Healthcare Security Readiness program to help healthcare organizations identify weaknesses in health IT security.

Source: Thinkstock

By Elizabeth O'Dowd

- At HIMSS17, VMware announced a new collaboration with Intel Health and Life Sciences to benefit healthcare organizations by understanding their current health IT security readiness.

VMware now offers new services as part of Intel’s Healthcare Security Readiness Program. The services allow healthcare IT administrators to look into their security system and compare it to industry standard breach mitigation. The initiative enables organizations to identify security solutions their health IT infrastructure may be lacking.

VMware cites the constant threat of healthcare data breaches as the driving factor behind the security collaboration with Intel.

A Ponemon Institute survey conducted late last year reported that 90 percent of respondents experienced a healthcare data breach in the past two years. Researchers found that healthcare data breaches were consistently high in terms of volume, frequency, impact, and cost.

As health IT security technology becomes more advanced, so do the hackers attacking the networks. Hackers are more organized and equipped to bring down large-scale network security deployments.   

"Today's hackers operate as professional organizations, meaning they do a lot of planning and diligence before executing attacks. This means healthcare organizations must be equally proactive and thoughtful in how we assess the security of our organizations," RWJBaranbas Health Chief Information Security Officer Hussein Syed said in a statement. "This healthcare security readiness program gives healthcare organizations access to a wealth of actionable information, at no cost, and with very little investment of time or resources."

As part of Intel’s Healthcare Security Readiness Program, VMware now offers healthcare organizations a complementary meeting with a security assessor to review and measure the organization’s security system to determine which safeguards may be missing. VMware uses a health security maturity model to test the security solution based on the kinds of attacks currently common in health IT.

Organizations may have the correct security solutions in place, but they may not be working to their capacity, leaving security gaps in the network. The program consultants will review security solutions so organizations can be sure they are deployed correctly.

Healthcare organizations participating in Intel’s Healthcare Security Readiness Program will receive a report detailing the findings, which include an IT security maturity level, how it compares to other IT security systems in the healthcare industry, any gaps in security, and a multi-year plan to improve infrastructure security.

The report also helps organizations identify how to repair a security gap while also remaining HIPAA-compliant.

"Many breaches including ransomware and cybercrime hacking are opportunistic, often affecting healthcare organizations that are least prepared," Intel Corporation Global Health and Life Sciences General Manager Jennifer Esposito said in a statement. "Results of this program to date show a widespread of readiness for healthcare organizations across different types of breaches. Cybercrime hacking readiness results show the least prepared healthcare organization having only 25 percent of relevant security capabilities, while the most prepared has 88 percent. The average cybercrime hacking readiness to date is 59 percent, showing that the healthcare industry as a whole has much room for improvement in security and risk mitigation."

The healthcare industry is one of the most cyberattacked verticals.  The rise of ransomware and phishing attacks leave clinical data vulnerable to theft, making security solution consultations an invaluable defensive tool.

Organizations need to be sure their security system can protect the network from internal and external threats, and can recognize small scale attacks that can infect the network.

The Intel Healthcare Security Readiness Program gives organizations the opportunity to test their security environment without risking clinical data.