Cyber Threat Alert in Healthcare: 3 Steps to Stay Ahead of Digital Risks

October 30, 2020

Phishing and ransomware are not new concepts in 2020, but there is a new target for cyberattacks in late October – U.S. healthcare. On Oct. 28, the Department of Homeland Security issued a formal alert in partnership with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) about “increased and imminent cybercrime threats” to U.S. hospitals and healthcare providers.

In the alert, they outline guidance on how organizations can protect themselves against attacks. Here are a few key aspects where SAI Global can also help prevent these digital risks. 

1. Develop an active business continuity plan

CISA, the FBI, and DHS encourage organizations to maintain business continuity plans, the practice of identifying potential risks to executing essential operational functions through emergencies such as cyberattacks, to minimize service interruptions.

SAI Global Pandemic Plan TemplateIf your organization doesn't have already have an active BCM practice, use our free pandemic plan template as a tool to guide you through planning steps, identify key business impacts, and run through a preparedness checklist.

Ideally, a business continuity plan should be a living document, reviewed on a regular cadence so that your organization can try to prepare for potential interruptions (and 2020 has been full of them). 

When you’re ready, you can also use our BCM software in a free trial to learn how an integrated view of the risks you face can help your management team make informed decisions.

These are just two of the many BCM and risk management tools that our team provides to help you establish a strategy for operational resilience – browse our additional insights, including the key risks to watch through the end of 2020.


2. Educate your employees – then remind them

Training and awareness about cybersecurity threats at work aren’t once-a-year events. Cybercriminals are always changing their tactics, and you need to keep employees informed. It’s one thing to block incoming suspicious emails to try to prevent phishing and ransomware; this year’s attacks are using social media and messaging apps and relying on our interwoven our personal and professional contacts. 

Because end users are often targets, regularly update employees and stakeholders to make them aware of what the latest cyber threats look like and how they are delivered. Additionally, provide users ongoing training on information security principles, techniques and emerging cybersecurity risks and vulnerabilities.

SAI Global Data Privacy and Information Security training video Ready to get started? Download our free training video to refresh your team’s knowledge about data privacy and information security basics.



3. Create a hotline

Ensure that employees know who to contact when they see suspicious activity or believe they have been a cyberattack victim to ensure you can deploy a proper, established mitigation strategy quickly and efficiently.

Need to evaluate the effectiveness of hotlines as compared to the current guidelines established by the DOG and the OIG? Join our webinar on Nov. 17.


This year has pushed us all to adapt to many new digital experiences and, for many of us, remote work interactions are our new normal. In the healthcare community, this means more email communications between patients and providers, opening a whole new set of access points cybercriminals are using to gain access to sensitive data.

To learn more about how SAI Global helps businesses stay protected and resilient, check out our Information Security Awareness news site, or our insights on how to manage Healthcare Compliance.



Additional cybersecurity reading resources:


Visit our Pandemic Information Center, which includes reading materials, podcasts, and other best-practice guidance around managing business continuity, compliance, risk management, compliance, and workforce health and safety amid the coronavirus pandemic. 

Learn more about our solutions for risk management

Or, contact us to see how SAI Global has helped organizations like yours. 

Previous Article
 4 Risk Areas to Watch in the Final Months of 2020
4 Risk Areas to Watch in the Final Months of 2020

What you need to know to keep your business safe from cybersecurity threats, social and political unrest, a...

Next Video
Are CISO Skills Different from Techie Security Skills?
Are CISO Skills Different from Techie Security Skills?

Todd Fitzgerald examines the role of a CISO and compares the differences in operating as a technical staff ...

Discover how SAI360 for infosec and cybersecurity helps you manage IT risks.