Expert Claims Healthcare Cybersecurity is “Worse Than Reported”

On April 4, Terence Rice, Vice President & Chief Information Security Officer (CISO) at Merck & Co., Inc. presented a concern to the Subcommittee on Oversight and Investigations of the House Committee on Energy and Commerce-he stated that cybersecurity in the healthcare industry is much worse than is narrated. He suggested that solutions will require a transparent partnership of both public and private.

Rice cited the 2016 IBM Cyber Security Intelligence Index, which reports the healthcare industry as the most attacked industry, with reasons on why risks to the industry are understated in media reports. He believes that organizational concerns about reputational damage, the inadequate resources of smaller businesses, the transferability of healthcare information, and the abundance of software for healthcare are all factors in cybersecurity risks.

He is confident, however, that with initiatives that are already put in place-the Department of Health & Human Services Sector Coordinating Council; NH-ISAC, an alliance of more than 200 companies in the industry; and SAFE-BioPharma Association-plus additional opportunities for collaboration, the enhancement of a greater healthcare cybersecurity is possible.

To read Rice’s full testimony and learn more about his recommended additional opportunities, click here.