Prognosis For Healthcare Cybersecurity Is Dire

On Wednesday (April 5), Terence Rice, VP and chief information security officer at Merck & Co., told the Subcommittee on Oversight and Investigations of the House Committee on Energy and Commerce that healthcare cybersecurity still has a long way to go.

“Cybersecurity in the healthcare industry is far worse than what is reported,” Rice stated.

Despite the fact that the healthcare industry was named as the single most attacked industry by the 2016 IBM Cyber Security Intelligence Index, Rice said that the media continues to underreport the security risks facing healthcare.

Rice’s testimony in front of the House Committee laid out the following issues facing the healthcare industry when it comes to cybersecurity: concerns about reputational damage, the strained cybersecurity resources of smaller businesses, the security risk of increasingly portable healthcare information and more opportunities for attacks due to an increase in software usage across the healthcare space.

“Cybersecurity has rapidly become a top concern for governments and industries around the world,” Rice said.

“Nowhere is the situation more acute than in the healthcare industry. In just the last few years, we have seen over 100 million health records exposed in a number of well-publicized security breaches; we have observed cybersecurity researchers demonstrate how software vulnerabilities in insulin pumps and pacemakers could be exploited to cause a lethal attack and we have witnessed entire hospitals in the United States and the United Kingdom shutting down for periods of time to combat a ransomware infection on critical systems,” he continued.

To address the increasing cybersecurity risk facing the healthcare industry, Rice said, both collaboration between the public and private sectors and greater transparency are required.

Rice laid out numerous areas of opportunity where this type of collaboration can take place, including appointing a Healthcare Sector Cybersecurity Liaison to the private sector, implementing a digital healthcare identity and increasing the quality and frequency of sharing cybersecurity intelligence.