New program empowers healthcare IT teams to quickly assess gaps in security readiness and identify opportunities for improving security posture
VMware, Inc. recently announced a collaboration with Intel Health and Life Sciences to help global healthcare organizations better understand the current state of their security readiness. Joining Intel’s Healthcare Security Readiness Program, VMware can now offer a new complimentary service that enables healthcare IT teams to gain valuable insight into their security posture compared to the industry when it comes to breach risk mitigation. VMware can also help organizations identify safeguard solutions that can be implemented to further reduce risk and improve their security posture.
VMware and Intel will showcase this program in VMware booth #3661 at the 2017 HIMSS Annual Conference & Exhibition, February 19–23, 2017 in Orlando, Fla.
In May 2016, the Ponemon Institute’s Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data revealed that for six years running, data breaches in healthcare were consistently high in terms of volume, frequency, impact, and cost. The report noted that upwards of 90 percent of healthcare organizations had a data breach in the past two years, and nearly half had more than five data breaches in the same time period. The report further suggests that estimates for the cost of breaches in healthcare could exceed USD $6B, with the average cost of data breaches estimated at more than $2.2M while average cost to business associates in the study is more than $1M. Ransomware, malware, and denial-of-service (DOS) attacks were noted as the top cyber threats facing healthcare organizations according to the report.
As a participant in Intel’s Healthcare Security Readiness Program, VMware offers healthcare organizations a one hour, complementary, confidential engagement with a security assessor to measure their organizations’ technical security priorities and safeguards using a unique healthcare security maturity model. To date the model has been used by more than 60 healthcare organizations across nine countries to create a baseline against which participating organizations can measure their technical readiness across 42 security capabilities. The model also looks at administrative controls such as policies, incident response plans and business continuity/disaster recovery capabilities.
“Today’s hackers operate as professional organizations, meaning they do a lot of planning and diligence before executing attacks. This means healthcare organizations must be equally proactive and thoughtful in how we assess the security of our organizations,” said Hussein Syed, CISO at RWJBaranbas Health in New Jersey. “This healthcare security readiness program gives healthcare organizations access to a wealth of actionable information, at no cost, and with very little investment of time or resources.”
Participating healthcare organizations will receive a report summarizing the findings, including maturity level, how they compare with the rest of the healthcare industry, any gaps in their security and a multi-year plan to improve their infrastructure and security preparedness. This report can also help organizations identify where addressing a gap may also help them achieve compliance with privacy and security regulations, data protection laws and standards specific to the healthcare industry. These include the Health Information Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS), and the General Data Protection Regulation (GDPR), among others.
“VMware’s mission is to transform the cost, quality and delivery of patient care, and cyber threats are public enemy number one in achieving this objective for our customers,” said Frank Nydam, vice president of healthcare, VMware. “With the free Healthcare Security Readiness Program, our goal is to empower our customers with the information they need to tighten their security controls and identify potential security blind spots in a way that is neither time nor cost intensive.”
“Many breaches including ransomware and cybercrime hacking are opportunistic, often affecting healthcare organizations that are least prepared,” said Jennifer Esposito, general manager of Global Health and Life Sciences at Intel Corporation. “Results of this program to date show a wide spread of readiness for healthcare organizations across different types of breaches. Cybercrime hacking readiness results show the least prepared healthcare organization having only 25 percent of relevant security capabilities, while the most prepared has 88 percent. The average cybercrime hacking readiness to date is 59 percent, showing the healthcare industry as a whole has much room for improvement in security and mitigating risk.”
VMware Healthcare Solutions
Healthcare organizations demand an ever-increasing mobile, digital workspace that securely delivers applications and data to growing numbers of caregivers and patients. VMware Healthcare Solutions enable the next generation of patient-centric care. Through a software-defined healthcare IT platform, VMware enables healthcare organizations to maintain an integrated, mobile-ready, agile and secure IT infrastructure. This positions the organization for growth while keeping data secure and compliant when delivering information across any device.
VMware, a global leader in cloud infrastructure and business mobility, helps customers accelerate their digital transformation. VMware enables enterprises to master a software-defined approach to business and IT with VMware Cross-Cloud Architecture and solutions for the data center, mobility, and security. With 2016 revenue of $7.09B, VMware is headquartered in Palo Alto, Calif., and has over 500,000 customers and 75,000 partners worldwide.
SOURCE: VMware, Inc.