Security awareness and training solutions specialist Wombat Security Technologies, launched a comprehensive program designed to help health care providers protect critical patient information.
Wombat’s solution is a bundled package, offering CyberStrength knowledge assessments, ThreatSim simulated phishing attack tool, interactive training modules, and security awareness materials.
“We have always had clients in the health care space, but we put together this program because the healthcare sector has reported some of the largest number of data breaches over the past few years and the root cause is often human error,” Amy Baker, vice president of marketing at Wombat Security Technologies, told eWEEK. “This isn’t just a phishing problem either, we know that a few of those breaches happened because healthcare workers did not secure their laptops properly.”
Baker explained that from working with their health care customers, Wombat also knows that their methodology has been very effective in reducing incidents in their organizations because of the ability to assess their staff on a wide variety of topics such as phishing, physical security and PHI, and then automatically deliver training in short, interactive training modules.
“Our integrated platform also makes it easy for a health care security professionals to build a program that reinforces this knowledge all year long which is very important for retention,” she said.
The Healthcare Security Awareness and Training Program includes a best practices document, providing guidance on running a successful program in a health care setting and showing how all of the pieces of this bundle fit into the four key steps of Wombat’s Continuous Training Methodology–Assess, Educate, Reinforce, and Measure.
“One of the most pressing issues in health care security today is the fact that health care data is in more places than ever before – on laptops, mobile phones, tablets–many of these items, health care professionals carry with them both in the workplace and outside so it makes it so much harder to keep data secure,” Baker said. “Security professionals really have to depend on their staff making good security decisions in a variety of settings.”
The program includes automatically assigning training to users who need it most, allowing users to track and measure progress and dynamically tailoring program efforts to address specific threats as they continue to evolve.
“Health care data is very valuable on the black market and will continue to be a big draw for hackers and social engineers,” Baker said. “People often focus on the technical systems in place to protect data, but I truly think the main pain points will be around the many places that healthcare data can be transported on a multitude of devices, and teaching end users to take an active role in security and how to think about keeping the data safe as they move in and out of healthcare settings with it.”