In the upcoming issue of Modern Healthcare, my colleague, Adam Rubenfire, and I will present a package of stories about the sad state of cyber insecurity in the healthcare industry.
In 2016, there were 106 major healthcare data breaches attributed to hackers and reported to the federal government. Those breaches exposed 13.5 million individuals' records.
According to a June Ponemon Institute/IBM report on data breaches, the average cost to a healthcare organization for loss of a single record was $402. Doing the math, that's $2.8 billion spent on those hacking incidents alone.
My reporting will show how the healthcare industry is fairing as it competes for talented cyber defenders in a world with an estimated workforce shortfall of 1.5 million cybersecurity employees.
One trick healthcare recruiters are missing, but their counterparts in other industries are not, is starting early in the search for—and development of—cybersecurity talent.
In reporting for my story, I spoke with Bernie Skoch, a retired Air Force brigadier general, who directs the CyberPatriot program for the Air Force Foundation. The program was launched in 2009 to address the workforce shortage as a national security problem.
Its flagship event is the annual National Youth Cyber Defense Competition for high school-age cyber defenders.
In 2016, 4,400 teams of four to five students competed.
“The analysis was, if we're going to shape behavior, we probably should do it at the high school level,” Skoch said. “If you wait for college, you're waiting too long.”
So far, 87,000 students have participated, about 90% of participants after high school went to college, and 69% are now in cyber security careers, Skoch said. National sponsors include AT&T, Cisco, Facebook, Leidos and the Lockheed Martin Foundation.
Teams have local sponsors, too, typically through a high school.
Sponsors run the gamut of industrial sectors, except logistics, heavy manufacturing—and healthcare, he said.
“We're disappointed we haven't been able to get traction there,” but he'd welcome a call, Skoch said.
Check back on Monday at Modern Healthcare to see how the industry is dealing with the issue of cybersecurity.