Internet's vulnerabilities at core of healthcare cybersecurity issues

Reliance on the internet, a "fundamentally insecure network," is at the heart of today's cybersecurity problems, according to Joel Brenner, former senior counsel at the National Security Agency.

In an interview with Healthcare IT News, Brenner notes that the internet, initially, was designed to help scientists collaborate with each other. However, he says, while its use has evolved to become "the backbone of our economy," vulnerability consequences were not considered. Brenner is now a research fellow at the Massachusetts Institute of Technology who focuses on cybersecurity, privacy and intelligence policy.

It’s the same across industries, he says, but the stakes are higher in healthcare.

The industry focuses almost entirely on protecting patient data because of the statutory penalties around that, but hackers pose threats to trust in healthcare systems and could shut down operations entirely.

What if, for example, someone were able to hack into a hospital system and change chemotherapy protocols for cancer patients in that hospital by 10 percent, with little chance that it would be detected for some time, he ponders. That could have dire consequences for patients while eroding trust in the healthcare system overall.

“We have a lot at stake here, more than just PHI,” he says.

Brenner suggests healthcare organizations start with governance.