With the healthcare industry at increased risk of cyberattacks, it is essential to develop a cybersecurity staff with a strong skill set.
Many young people do not want to work in health information technology (IT) or cybersecurity. But this week, the Healthcare and Public Health Sector Coordinating Council (HSCC) released a tool kit to aid in recruiting and retaining skilled cybersecurity workers in healthcare.
The guide, “Healthcare Industry Cybersecurity Workforce Guide: Recruiting and Retaining Skilled Cybersecurity Talent,” is designed to address the increased demand for cybersecurity experts in healthcare — especially as cyberthreats continue to grow.
“Attracting and retaining cybersecurity talent is a major challenge in all industry sectors,” said Greg Garcia, executive director for cybersecurity at the HSCC. “But as medical and wearable healthcare technology become more connected, patient safety will increasingly rely on cyber safety, and a skilled workforce is essential to finding that balance.”
The workforce guide highlights four key areas to help hiring managers and chief information security officers develop their cybersecurity workforce:
Members of the HSCC Cybersecurity Working Group developed the guide with best practices useful for maintaining a strong cybersecurity talent base. The guide is aimed at small to mid-sized health systems and those without extensive cybersecurity resources.
The members of the workgroup assigned the Workforce Development Task Group to assess the risk to critical healthcare infrastructure due to issues with recruiting, training and retaining cyber professionals.
The task group discovered that there are two “buckets” for cybersecurity education and training.
The first bucket is the cybersecurity training necessary for a healthcare professional to do their job. Healthcare executives need to have cybersecurity awareness to take administrative steps to protect personal health information.
The second bucket involves technical personnel, such as those who manage data, IT, network and application security and device management roles.
“It is this technical segment of the healthcare workforce that this resource is intended to address — to help healthcare organizations, particularly those with tight budgets and lacking onboard cybersecurity expertise, adopt impactful methods and programs for recruiting, retaining and training more skilled and available cybersecurity human resources,” HSCC wrote.
Get the best insights in digital health directly to your inbox.