By Fortune Onwuzuruike, DSc, MSHMI, HCISPP, PMP; Security Program Manager, WebXT Security & Compliance, Microsoft, and Adjunct College Professor; Cedric L. Truss, DHA, MSHI, CPHIMS; Chair and Clinical Associate Professor, Health Sciences, Byrdine F. Lewis College of Nursing and Health Professions, Georgia State University; a HIMSS Academic Organizational Affiliate; HIMSS Professional Development Committee
Over the past decade, the healthcare industry has experienced exponential growth with the implementation of technology used for patient care. The innovative uses of technology to assist providers will only continue to increase over the next few years. According to an article from Forbes, this transition to cloud and internet-based applications has led to a significant increased risk for cyber-attacks and security breaches.
Given that patient care is the main priority for healthcare organizations, cybersecurity often becomes an afterthought, leaving vulnerabilities exposed in these healthcare environments. Although cybersecurity indirectly plays a crucial role in the delivery of patient care, it is just as important as patient safety issues and will remain significant as we continue to innovate healthcare.
The field of cybersecurity is relatively new to the healthcare industry. Cybersecurity is a science but also an art that cybersecurity professionals gain expertise over the years to become a meaningful asset to any organization. There is no secret that cyber threats are growing exponentially, and there is a shortage of talent in the field to actively counter these threats.
According to CyberSeek, there are 572,392 additional openings requesting cybersecurity-related skills, and employers are struggling to find workers who possess them. On average, cybersecurity roles take 21% longer to fill than other IT jobs. The field is growing in numbers, but well-fluid and qualified professionals are still needed. The industry offers several roles in the cybersecurity space, and there are many options for an individual to pursue as a career in cybersecurity.
Cybersecurity is a broad field that has many pathways. The cybersecurity field is relative to all industries therefore, showing the importance of having a cybersecurity team for your organization is necessary for it to operate in an effective, efficient, and secure manner. Cybersecurity has technical roles, and some can even be non-technical which can be driven by governance, risk, and compliance. These roles can be policy-driven to ensure your organization is in alignment with security frameworks such as NIST, HITRUST, FedRAMP, and more. There are so many avenues that cybersecurity can take a professional. However, it’s not only on the cybersecurity team or professional. Cybersecurity is a holistic approach that must be abided by everyone who is on the journey of this work.
The chart below provides a breakdown of example courses, concentrations, and careers that can be followed for undergrad students, graduate students, and workforce professionals who are eager to learn more about cybersecurity. This provides a more general focus from a cybersecurity viewpoint.
See Figure 1, Cybersecurity Educational Table
A cybersecurity certification will increase your expertise and some employers view it as a must-have to get the role you want. Also, it is a quicker way to get to the goal that one may desire to achieve. Hands-on cybersecurity experience remained the primary factor in determining whether a candidate is considered. Healthcare security professionals are finding value in attaining the new healthcare security certificates ISC2 is offering in replace of the HCISPP.
In addition, there are vendors who provide some certifications that can propel your career and pay such as AWS, Azure, Google, Coursera, and more.
The cybersecurity industry is slowly but surely becoming the most important component and priority for organizations, especially after the recent outbreak of COVID-19. According to the ISACA report, 50 percent say their cybersecurity applicants are not well qualified. Only 31 percent say HR regularly understands their cybersecurity hiring needs. The cybersecurity security gaps exist because of the lack of programs and education that are being provided. The industry is growing but the gap remains. It just has been more noticeable since COVID-19 since the increase of remote work, phishing attacks pertaining to testing/vaccine shots, and other cyber-attacks to attract a user into making a mistake. The increase in remote monitoring, remote work, and more just makes life easier for cybercriminals. As the world becomes more connected to technology than ever before we must also, as a nation, adapt to ensure security is a top priority for every organization like ever before.
The views and opinions expressed in this content or by commenters are those of the author and do not necessarily reflect the official policy or position of HIMSS or its affiliates.