At the recent HIMSS25 conference, cybersecurity experts Jon Moore of Clearwater Security and Compliance and Michael Gross of the Cleveland Clinic came together to discuss the ever-evolving landscape of cybersecurity threats and how healthcare organizations can stay ahead of them.
With the increasing use of technology in the healthcare industry, the need for robust cybersecurity measures has become more crucial than ever. The healthcare sector is a prime target for cybercriminals due to the sensitive nature of the data it holds, making it imperative for organizations to be proactive in protecting their systems and patient information.
During their session, Moore and Gross emphasized the importance of staying ahead of emerging cybersecurity threats. They highlighted the need for healthcare organizations to have a comprehensive and proactive approach to cybersecurity, rather than just reacting to threats as they arise.
Moore, who is the Chief Risk Officer at Clearwater, stressed the importance of conducting regular risk assessments to identify potential vulnerabilities in an organization’s systems. He also emphasized the need for continuous monitoring and updating of security measures to stay ahead of new and evolving threats.
Gross, who is the Chief Information Security Officer at the Cleveland Clinic, shared his organization’s approach to cybersecurity, which includes a combination of technology, processes, and people. He stressed the importance of investing in the right technology and tools, but also highlighted the need for proper training and education for employees to ensure they are aware of potential threats and know how to respond to them.
The experts also discussed the importance of collaboration and information sharing among healthcare organizations. With cyber threats becoming more sophisticated and widespread, it is crucial for organizations to work together to share knowledge and best practices in cybersecurity. This can help in identifying and mitigating potential threats before they can cause significant damage.
Moore and Gross also touched upon the role of leadership in promoting a culture of cybersecurity within an organization. They emphasized the need for executives and board members to prioritize cybersecurity and allocate the necessary resources to ensure the organization’s systems and data are adequately protected.
The session also addressed the growing concern of ransomware attacks in the healthcare industry. Ransomware is a type of malware that encrypts an organization’s data and demands a ransom payment in exchange for the decryption key. These attacks have become increasingly prevalent in recent years, with healthcare organizations being a prime target.
To combat this threat, Moore and Gross stressed the importance of having a robust backup and disaster recovery plan in place. This can help organizations recover their data in case of a ransomware attack and avoid paying the ransom.
In conclusion, the session at HIMSS25 highlighted the need for healthcare organizations to be proactive in their approach to cybersecurity. With the ever-evolving nature of cyber threats, it is crucial for organizations to stay ahead of them by conducting regular risk assessments, investing in the right technology and tools, and promoting a culture of cybersecurity within their organization. By working together and sharing knowledge, healthcare organizations can better protect their systems and patient data from emerging cybersecurity threats.
