Cybersecurity in Healthcare (Hospitals & Care Centres)

Go to Course: https://www.coursera.org/learn/cybersecurity-in-healthcare

Introduction

### Course Review: Cybersecurity in Healthcare (Hospitals & Care Centres) In an era where digital transformation is becoming increasingly prevalent, the **Cybersecurity in Healthcare** course offered on Coursera is a crucial resource for professionals in the healthcare sector. Developed as part of the SecureHospitals.eu project, this course aims to enhance awareness and understanding of cybersecurity's vital role within healthcare environments, such as hospitals and care centers. #### Course Overview The course is structured to address the complexities of cybersecurity as it pertains to healthcare systems, acknowledging the growing interconnectivity through technology. The syllabus is comprehensive, divided into five modules that methodically explore various critical aspects of cybersecurity challenges and solutions in the healthcare sector. 1. **Cybersecurity in Healthcare: Technology, Data, and Human Behaviour** - This module establishes a foundation for understanding the rapidly evolving landscape of healthcare technology and its vulnerabilities. It highlights how digitalisation creates both opportunities and threats, emphasizing the critical need for robust cybersecurity measures. 2. **Social Aspects of Cybersecurity: Social Engineering and Social Media** - This module dives into the human factors influencing cybersecurity. It acknowledges that while technology plays a significant role, human actions can often undermine security efforts. The focus here is on social engineering tactics that exploit emotional responses and how social media can unknowingly become a breeding ground for data breaches. 3. **Data Breaches, Hackers, and Malware in Healthcare** - Real-world cases, such as the WannaCry ransomware attack on the NHS, provide a stark reminder of the dangers healthcare organizations face. This module examines the motives behind cyberattacks and the various forms of malware that can emerge, equipping learners with knowledge of how to recognize and mitigate these threats. 4. **Cyber Hygiene: Practices to Improve Cybersecurity** - With an emphasis on preventive measures, this module introduces cyber hygiene practices. It covers a broad range of behaviors that individuals and organizations can adopt to safeguard their digital environments, including safe communication, effective password management, and regular software updates. 5. **Security Culture: Creating a Positive Environment to Practice Cybersecurity** - This concluding module discusses how a strong security culture is essential for the effective implementation of cybersecurity practices within healthcare organizations. It explores the importance of fostering an environment where security is a shared responsibility and addresses the common pitfalls of merely enforcing policies without cultivating a genuine commitment to security. #### Course Features and Learning Resources The course is well-supported with an extensive library of resources available for participants. By visiting the provided links, learners can access additional materials to deepen their understanding of various topics covered in the course. * **Engagement**: The format is interactive, encouraging discussions and providing opportunities for learners to apply their knowledge to real-life scenarios. * **Expert Insights**: Developed under the auspices of a European Union-funded project, this course benefits from expert input and research, making it a credible source of knowledge in a field where information is constantly evolving. #### Recommendation I highly recommend the **Cybersecurity in Healthcare** course for anyone working within medical institutions or related organizations. Whether you are directly involved in IT, management, or clinical services, understanding the complexities of cybersecurity can significantly impact your organization’s resilience against cyber threats. This course is invaluable not only for developing personal competencies but also for promoting a culture of security within healthcare systems. The insights gained here will empower healthcare professionals to make informed decisions that protect sensitive data and ultimately enhance patient care. If you work for a hospital, clinic, care center, or similar entity and are committed to improving both personal and organizational cybersecurity, investing your time in this course will be well worth it. Enroll today on Coursera and start your journey towards becoming a cybersecurity advocate in healthcare.

Syllabus

Cybersecurity in healthcare: technology, data, and human behaviour

It was predicted for 2020 that over 20 billion devices would be connected worldwide – from cell phones to wearable devices, from fridges to coffee makers, almost anything that can be connected to the internet will be connected. But how is increased interconnectivity affecting the healthcare sector – healthcare organisations, the people who work in them, and their patients? The increased digitalisation that we have seen and still see has many advantages, but widespread interconnectivity is also affecting cybersecurity across the world. Healthcare organisations have become a major target for cybercriminals because of the data they hold. Accidents that lead to data breaches can have severe consequences for the patients, staff members, and the healthcare organisation itself.How can healthcare organisations protect themselves, their staff and their patients against these growing threats? And how can healthcare professionals contribute to this process? In this first module, we will dive into the concept of cybersecurity and why it applies to healthcare. Furthermore, we will discover both the opportunities and challenges that have come into existence alongside digitalisation in healthcare. Finally, we will take a first look at the specific threats that healthcare and social care organisations may face. Note: Whenever you feel like you want more information but you don’t know where to start: we have an online library of a range of resources available to you. Please visit: https://www.zotero.org/groups/2280149/securehospitals/library. You can also find the link to the library in the ‘Resources’ tab in the menu.

Welcome to the second module of the course! In this module we will explore the social factors that may influence human behaviour in relation to medical technologies. It is often mentioned that the ‘human is the weakest link’ in cybersecurity. And while the choices we make and the way we act can be problematic, we want to show how cybersecurity incidents often stem from a combination of factors, in the interaction between the human and technology. We will take an in-depth look at how social engineers try to exploit human emotions and natural responses. Additionally, we show how social media use can become problematic. Not just in terms of patient privacy, but also as a treasure trove for cybercriminals to obtain information.

One of the most well known cases of malware, or ransomware, is WannaCry (2017) that affected the National Health Service (NHS) in the UK especially hard. The case highlights the essence of cybersecurity in the healthcare domain. For this reason we dive deeper into threats against cybersecurity in healthcare organisations in this third module. We take a look at data breaches and the consequences such incidents may have. We explore methods and motives of hackers - what makes healthcare so attractive to them? Finally, we look at different types of malware and how they are deployed. For each of these topics, we provide cases that give an overview of the events and the consequences for the healthcare organisation that was victimised. These real life examples will bring contemporary cybersecurity challenges alive.

In the fourth module, we will move the focus to methods to improve cybersecurity. In this module, we will explore the concept of cyber hygiene: practices that improve cybersecurity. These are behaviours that individuals can do on their own, but also higher level practices that organisations should employ to remain secure and resilient. In particular, we will highlight digital communication and safe emailing, encryption, device management, password management, and software management. This includes updates and backups.

In the fifth and final module, we build on the social aspects of cybersecurity by exploring the concept of cybersecurity culture. We discuss how healthcare organisations may create or maintain an environment where cybersecurity practices might be ignored, promoted, or even discouraged - influencing the uptake of good cybersecurity behaviours. Often, policies and regulations are implemented to steer behaviour and improve cybersecurity. But as you will learn, merely implementing such policies may not be successful as workers may find ‘workarounds’, or ways to circumvent security measures. We will show how investing in cybersecurity culture may be necessary to prevent workarounds from being exploited, making employees more aware and invested in cybersecurity, and to improve cybersecurity in the healthcare organisation. Do you work for a hospital, clinic, medical practice, care centre, care provider, social care organisation, or nursing home? Do you want to improve your personal or your organisation’s cybersecurity (cyber security, IT security, information security, network security, computer security, awareness)? Then please visit www.securehospitals.eu to gain access to a range of resources. You can also join the Security providers and Trainers platform (see: https://www.securehospitals.eu/for-providers-and-trainers/) or our Community of Practice (see: https://www.securehospitals.eu/community/).