According to the results of a new study, it is becoming increasingly common for HIPAA-covered entities to outsource healthcare cybersecurity to private firms, although not necessarily by choice. Third party specialists in cybersecurity are the only option due to a current lack of skilled staff. The rise in cybercrime has left a gap in the labor market and there are simply not enough candidates for the number of positions available.
The report was compiled by Cybersecurity Ventures, and indicates that over the course of the past 12 months alone, the number of reported security incidents has risen by 48%. The company expects the situation to get much worse before it gets better, and this year and next year are likely to see cybercrime levels soar.
Protecting healthcare computer networks from hackers is a difficult task. Some of the world’s best computer minds are now turning their attention to the healthcare industry and are attempting to break through defenses to get the valuable data that is stored. In order to prevent attacks, highly skilled staff are needed to assess risks, address vulnerabilities and monitor and evaluate security defenses. The report suggests there are just too few people for the jobs available.
The job market paints a very clear picture of the lack of skilled personnel on offer. According to CVs Cybersecurity Market Report, over 200,000 cybersecurity jobs have not yet been filled. The expected rise in security breaches means more vacant jobs are likely to be added to that list.
Any company looking for permanent cybersecurity staff can only leave the positions left unfilled for a short space of time before plan B needs to be put into operation. Because the risk of data breaches is considered to be so high, companies have little choice but to outsource healthcare cybersecurity to private firms.
That is not the only problem. Many healthcare providers are finding that their current staff see the option of private sector entrepreneurship as too tempting to pass up and staff are leaving healthcare providers to go it alone. CISOs and CISs are leaving their employers to set up their own cybersecurity firms. With so much business available, it is no doubt an attractive prospect.
Barrack Obama has said that government cybersecurity is a priority, and while new legislation is being introduced to help track the criminals responsible it is also important that money is also invested in training Americans to fill the current cybersecurity vacancies. Protecting healthcare computer networks from hackers and keeping data secure and confidential requires skilled staff and if there are not enough applicants, companies will have little choice than to outsource.