October is Cybersecurity Awareness Month, and Health IT Answers asked experts to weigh in on the cybersecurity subjects that continue to be challenging in healthcare today. Read Verato CEO Clay Ritchey’s insights below and see the full articles on Health IT Answers.
On sophisticated ransomware and AI-driven attacks
“In healthcare, everything comes down to one thing: knowing ‘who is who’. If you can’t trust your identity data, you can’t protect patients, secure systems, or deliver care safely. Cyber criminals know this, and they’re exploiting it — impersonating doctors over the phone, resetting credentials, and slipping into the core of our systems. With one in five providers changing jobs every two years and records scattered across EHRs, credentialing, and reimbursement platforms, the attack surface continues to grow.
Firewalls and MFA certainly help, but the industry needs more to safeguard its information. Identity intelligence and master data management must become core infrastructure. Everything else follows from that.”
On third-party and supply chain vulnerabilities
“Every health system relies on a complex network of clinical and non-clinical employees, affiliated providers, and vendors with varying degrees of access to their applications and networks. With phishing schemes becoming more sophisticated and pervasive, a single stolen password or a concealed malware update can easily lead to a crippling security breach. Technologies to reduce the threat surface for phishing are becoming table stakes, with tools such as digital identity verification at vulnerable points of access leading the way.
The good news is that security measures don’t have to slow you down. By implementing biometric digital identity verification and authentication as part of a healthcare-grade, next-gen MDM platform, organizations can achieve unprecedented identity intelligence, power a single source of truth for provider data management, and increase security while also saving time and cutting costs.”
On legacy systems and the expanding attack surface
“Legacy systems pose one of the biggest vulnerabilities in healthcare cybersecurity. Outdated platforms have security gaps, limited vendor support, and don’t integrate well with modern technology and security practices, which increases the attack surface. Many phishing schemes target legacy technology users, exploiting antiquated security workflows such as password resets and exposing organizations to significant risk of breaches. Digital identity verification is a good starting point to provide secure password resets in these highly vulnerable legacy system workflows that require help desk support. Next-gen MDM solutions not only strengthen the data layer by unifying fragmented records, enriching them, and creating a single source of truth that applications and users can trust, but also secure access with digital identity verification tools. With this identity foundation in place, organizations can lower risk and extend the lifespan of their legacy investments.”