Simulated Cyber Attack Pinpoints BYOD As Problem

By Katie Wike, contributing writer

Unsecured mobile devices are vulnerable to attack; recent simulated cyber attacks show mobile amplifies the risk of a breach

CyberRX are exercises that simulate cyber attacks on healthcare organizations. Recently a group ranging from healthcare payers to medical centers participated in exercises that simulated real cyber attacks on healthcare organizations.

The attack scenarios targeted medical devices, health information systems, health exchanges, even HealthCare.gov to see how well they could hold up under such an event. “The growing adoption of new and connected health information technologies and widespread use of mobile devices continue to increase the industry’s exposure to potential attacks,” said Jim Koenig, a health principal at Booz Allen Hamilton, which conducted the study.

As mHealth News reports, the study found:

1. Organizations that participate in cyber exercises are more prepared for a cyber attack. This was regardless of the maturity and comprehensiveness of their information security program.
2. Organizations that can better communicate with all the stakeholders involved - both inside and outside the organization - fared better. This was true for legal, crisis management, business operations, management, and external business partner stakeholders.
3. Organizations learned they want greater freedom to communicate and collaborate during a cyber crisis despite potential legal restrictions.

“The simulation will help better prepare organizations in the healthcare industry against sophisticated threat actors, and assist leaders in identifying organizational vulnerabilities and opportunities for industry cooperation. We believe this industry-specific approach, if not already being used, is a model from which other critical infrastructure sectors can learn and benefit,” said Koenig in a press release.

See the preliminary report HERE