New guidance available to help improve cyber recruiting
The Healthcare and Public Health Sector Coordinating Council has released a new toolkit to help a variety of healthcare organizations recruit and retain cybersecurity personnel.
The initiative is designed to address the growing need for cyber talent faced by healthcare providers, insurers and other stakeholders as threats to data systems continue to grow. The council worked with the federal government to produce the toolkit.
HSCC also has created a Cybersecurity Working Group (CWG), as threats have become more numerous, more frequent and more severe, requiring concerted and coordinated mitigation efforts across the healthcare industry.
Guidance is particularly aimed at small to mid-sized health delivery organizations and companies that don’t have extensive resources for security but need a place to start.
“Attracting and retaining cybersecurity talent is a major challenge in all industry sectors,” says Greg Garcia, executive director for cybersecurity at HSCC. “As medical and wearable healthcare technology become more connected, patient safety will (become increasingly dependent) on cyber safety, and a skilled workforce is essential to finding that balance.”
The mission of the HSCC and its cybersecurity working group is to collaborate with the Department of Health and Human Services and other federal agencies to develop and encourage strategies to facilitate mitigation of threats affecting patient safety, security and privacy, thus improving confidence in the healthcare system.
Membership in HSCC and the working group is open to all healthcare providers, associations and related companies representing healthcare industry subsectors. These industry sectors include direct patient care, health plans, pharmaceutical firms, laboratories, blood management firms, medical devices, mass fatality management services, healthcare IT and public health, among others.
The new toolkit, called the Healthcare Industry Cybersecurity Workforce Guide, is designed to help hiring managers and chief information security officers consider cyber workforce development as a continuum, according to Garcia. “This includes hiring students, transitioning IT staff to cybersecurity responsibilities, developing and managing professional development programs for executive-track cybersecurity personnel and outsourcing critical functions not otherwise resourced within the enterprise,” Garcia explains.
A 2018 survey by the Poneman Institute found that 79 percent of respondents say it is difficult to recruit IT security personnel, and only half of respondents had a chief information security officer.
A white paper from the Healthcare and Public Health Sector Coordinating Council is available here.