2021 State of Healthcare Report Part Four: Cybersecurity

As we continue our examination of the themes that resonate strongly in 2021, one of the issues we tackle at Epic Specialty Staffing daily pertains to cybersecurity and our ongoing threat intelligence efforts. According to Becker’s Hospital Review, the number of sophisticated cyberattacks on hospitals and healthcare organizations skyrocketed in 2020, with predictions of those threats tripling in 2021.

Read part four of our 2021 State of Healthcare Report, focusing on how healthcare organizations should heed to ongoing security threats in the virtual world. We sat down with Mr. Ryan Miller, Chief Information Security Officer at Epic Specialty Staffing, to discuss the landscape.

Epic Specialty Staffing: A Proactive Partner for Healthcare Organizations

While large companies often have the resources to engage in enterprise-level cybersecurity operations, many small-to-medium-sized businesses rarely get that kind of enhanced protection.

At Epic Specialty Staffing, our IT department ensures that cybersecurity gets the attention it deserves.

“We have documentation for processes, sources of information, specific documentation within data flow of the company,” explains Mr. Miller. “From there, we use our detection points to see who handles the data and where the data Is going compared to our policies and documentation – whether it’s from our enterprise network or a home network where some employees may be working remotely and a myriad of websites needed for business. It gives us a much better idea of our asset inventory and what we need to protect.”

Many news headlines have perpetuated the notion that COVID has allowed for more sophisticated attacks, but in fact, it’s only that hackers are now tailoring their efforts in new ways.

“We’re not looking at an increase of sophistication, we’re looking at an increase in volume. The primary threat is email phishing; the first stage of the attack is an email where the recipient is prompted to download a file to open that executes code that’s malicious or there is a link that prompts the recipient to click a link to view an encrypted document that leads to a fake Office 365 login. We encounter these every month and have found that we’re just above our average for 2019. We’re seeing that attacks are coming to home networks as well as our corporate networks because of an increase in work-from-home. Home networks typically don’t have the same defensive posture as corporate networks, and that makes them an easy launch point into the corporate network if you don’t have the appropriate security for the external connection.” explains Mr. Miller.

Integral Partnerships for Enhanced Security

In addition to our partnership with Sophos, we recently formed a professional alliance with Pulsedive, a threat intelligence outfit based in New Jersey.

We spoke with Mr. Dan Sherry, Founder and CEO, and Ms. Grace Chi, Co-Founder and COO, to understand the importance of their services in a field where the protection of data is critical.

“The cyber threat landscape is constantly evolving and can be overwhelming – this results in ambiguity around what good threat intelligence looks like. At the end of the day, a strong threat intelligence program means having both robust internal as well as relevant and external data that informs meaningful action,” says Ms. Chi.

“With Pulsedive’s open-source platform, we work with Ryan so he has enough information to take action and implement different ways to mitigate any encountered risks,” explains Mr. Sherry.

“With increasing volumes and growing sophistication of threats, defensive security teams benefit by working together. This includes sharing threat intelligence efficiently and effectively,” says Ms. Chi.

Cybersecurity: A Headliner for 2021

At Epic Specialty Staffing, any concern that impacts our partners is our concern as well. That is why our protocol for enhanced cybersecurity continues to be one of our core initiatives for 2021 and the future.

“When you say or think of the word ‘data’ – what you’re really talking about is the manifestation of someone’s life,” explains Mr. Miller.

“Handling data = handling intimate details of someone’s life. From a dollars and cents perspective, it’s easy to lose sight of that. But someone’s life could be deeply affected by errors we make, so it puts it into perspective. Cybersecurity is not something you need to do, it’s something you should do.”

For more information about partnering with Epic Specialty Staffing for your healthcare recruiting needs, or if you have any other questions regarding our enhanced cybersecurity protocols, contact our team today.