Cybersecurity in Healthcare (Hospitals & Care Centres) from Coursera

What's inside

Syllabus

Cybersecurity in healthcare: technology, data, and human behaviour

It was predicted for 2020 that over 20 billion devices would be connected worldwide – from cell phones to wearable devices, from fridges to coffee makers, almost anything that can be connected to the internet will be connected. But how is increased interconnectivity affecting the healthcare sector – healthcare organisations, the people who work in them, and their patients? The increased digitalisation that we have seen and still see has many advantages, but widespread interconnectivity is also affecting cybersecurity across the world. Healthcare organisations have become a major target for cybercriminals because of the data they hold. Accidents that lead to data breaches can have severe consequences for the patients, staff members, and the healthcare organisation itself.How can healthcare organisations protect themselves, their staff and their patients against these growing threats? And how can healthcare professionals contribute to this process? In this first module, we will dive into the concept of cybersecurity and why it applies to healthcare. Furthermore, we will discover both the opportunities and challenges that have come into existence alongside digitalisation in healthcare. Finally, we will take a first look at the specific threats that healthcare and social care organisations may face. Note: Whenever you feel like you want more information but you don’t know where to start: we have an online library of a range of resources available to you. Please visit: https://www.zotero.org/groups/2280149/securehospitals/library. You can also find the link to the library in the ‘Resources’ tab in the menu.

Social aspects of cybersecurity: social engineering and social media

Welcome to the second module of the course! In this module we will explore the social factors that may influence human behaviour in relation to medical technologies. It is often mentioned that the ‘human is the weakest link’ in cybersecurity. And while the choices we make and the way we act can be problematic, we want to show how cybersecurity incidents often stem from a combination of factors, in the interaction between the human and technology. We will take an in-depth look at how social engineers try to exploit human emotions and natural responses. Additionally, we show how social media use can become problematic. Not just in terms of patient privacy, but also as a treasure trove for cybercriminals to obtain information.

Data breaches, hackers, and malware in healthcare

One of the most well known cases of malware, or ransomware, is WannaCry (2017) that affected the National Health Service (NHS) in the UK especially hard. The case highlights the essence of cybersecurity in the healthcare domain. For this reason we dive deeper into threats against cybersecurity in healthcare organisations in this third module. We take a look at data breaches and the consequences such incidents may have. We explore methods and motives of hackers - what makes healthcare so attractive to them? Finally, we look at different types of malware and how they are deployed. For each of these topics, we provide cases that give an overview of the events and the consequences for the healthcare organisation that was victimised. These real life examples will bring contemporary cybersecurity challenges alive.

Cyber hygiene: practices to improve cybersecurity

In the fourth module, we will move the focus to methods to improve cybersecurity. In this module, we will explore the concept of cyber hygiene: practices that improve cybersecurity. These are behaviours that individuals can do on their own, but also higher level practices that organisations should employ to remain secure and resilient. In particular, we will highlight digital communication and safe emailing, encryption, device management, password management, and software management. This includes updates and backups.

Security culture: creating positive environment to practice cybersecurity

In the fifth and final module, we build on the social aspects of cybersecurity by exploring the concept of cybersecurity culture. We discuss how healthcare organisations may create or maintain an environment where cybersecurity practices might be ignored, promoted, or even discouraged - influencing the uptake of good cybersecurity behaviours. Often, policies and regulations are implemented to steer behaviour and improve cybersecurity. But as you will learn, merely implementing such policies may not be successful as workers may find ‘workarounds’, or ways to circumvent security measures. We will show how investing in cybersecurity culture may be necessary to prevent workarounds from being exploited, making employees more aware and invested in cybersecurity, and to improve cybersecurity in the healthcare organisation. Do you work for a hospital, clinic, medical practice, care centre, care provider, social care organisation, or nursing home? Do you want to improve your personal or your organisation’s cybersecurity (cyber security, IT security, information security, network security, computer security, awareness)? Then please visit www.securehospitals.eu to gain access to a range of resources. You can also join the Security providers and Trainers platform (see: https://www.securehospitals.eu/for-providers-and-trainers/) or our Community of Practice (see: https://www.securehospitals.eu/community/).

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Provides basic information about cybersecurity for those working in healthcare and social care

Covers threats to cybersecurity in healthcare organizations and provides real-life examples

Focuses on the importance of cybersecurity in the healthcare sector

Addresses the social factors that may influence human behavior in relation to medical technologies

Explores the concept of cybersecurity culture and its impact on cybersecurity practices in healthcare organizations

Reviews summary

Cybersecurity concepts in healthcare

Learners of the "Cybersecurity in Healthcare (Hospitals & Care Centres)" course say that it is an engaging and easy-to-understand course that largely provides relevant, practical, and encouraging information about cybersecurity in the European healthcare landscape. Both healthcare and cybersecurity professionals say they learned useful information. Given its brevity, the course is largely recommended for busy individuals and those new to the field of cybersecurity.

Suitable for learners new to cybersecurity or healthcare cybersecurity.

"Great course from my Alma Mater. Great teaching staff."

"This course is ideal for beginners looking to dive into the subject matter"

"upstanding course for beginning learning cybersecurity in healthcare sector.."

"Very basic course. Suggest to build a course with some advanced information"

"If you are in a cybersecurity role, I'd give this one a pass."

Introduces tools and resources for improving cybersecurity in healthcare.

"I gathered a wealth of knowledge from this course."

"It was very practical and very engaging."

"I really learned many tools and terms related in healthcare cyber security."

"Thank you to all members / instructors for designing this course."

"Very good course if you are looking to gain a basic understanding in cybersecurity and some 'quick win' interventions to strengthen your organisation's cybersecurity."

Covers foundational cybersecurity concepts and best practices.

"Very good information that I can utilize at work."

"It was Informative and it taught me something I didn't have a clue about."

"Very informative, really breaks down the fundamentals in vulnerabilities & risk that surface from hackers and what ways best handle these situations."

"Very informative course, the knowledge i gained doesn't come without hard work and dertemination."

"The best have ever had. Satisfactory"

Emphasizes cybersecurity issues within healthcare settings.

"Great course for those who are new to Cyber security in the healthcare field."

"Highly recommend anyone in healthcare that wants to understands the basics principles of cycbersecurity within the healthcare environment."

"As a Nurse, i'll say that i didn't expect the course (which is tiny) to give this benefit to me as a guy already into IT and Nursing in the meanwhile."

"The course would be very basic for IT people. It is good for nurse manager, personel mgmt, direct care mgmt people."

"Excellent course. Thank you."

Enables learners to gain practical knowledge in cybersecurity with a focus on healthcare.

"Gives a wealth of knowledge on cybersecurity."

"I learned a lot of terms and scenarios."

"I gathered a wealth of knowledge from this course."

"Learnt a lot of new terms and scenarios."

"Thank you so much. Despite my 20 years of experience, I learned a lot from this course."

A few learners reported technical issues accessing the course.

"after completing 2 weeks i am not able to access this course"

Mixed opinions on the presentation style of some instructors.

"Clear description of the classes..."

Some learners reported a lack of hands-on practice or exercises.

"i loved the process but did not experience hands on practice."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Cybersecurity in Healthcare (Hospitals & Care Centres) with these activities:

Review fundamental cybersecurity concepts

Show steps

Understanding basic cybersecurity concepts will provide a foundation for building and maintaining a strong security posture.

Browse courses on Cybersecurity Concepts

Show steps

Read articles or blog posts about core cybersecurity concepts
Review online resources, such as videos or tutorials, on cybersecurity basics

Review Fundamentals of Cybersecurity

Show steps

Refreshes the foundational knowledge of cybersecurity concepts and threats, preparing you for more advanced topics.

Browse courses on Cybersecurity

Show steps

Review basic cybersecurity concepts, such as confidentiality, integrity, and availability.
Familiarize yourself with common cybersecurity threats, such as malware, phishing, and ransomware.
Understand the principles of data encryption and authentication.

Practice identifying phishing emails

Show steps

Improve your ability to identify phishing emails and protect yourself from cyberattacks.

Browse courses on Social Engineering

Show steps

Take a phishing quiz
Analyze real-world phishing emails

Five other activities

Expand to see all activities and additional details

Show all eight activities

Learn about cybersecurity best practices for healthcare organizations

Show steps

Review cybersecurity best practices for healthcare organizations to strengthen your understanding of the topic.

Browse courses on Cybersecurity Best Practices

Show steps

Identify reputable sources of information on cybersecurity best practices for healthcare organizations.
Review articles, white papers, and case studies to learn about different approaches to cybersecurity in healthcare.
Summarize the key findings and recommendations from your research.

Create a Cybersecurity Plan for a Healthcare Organization

Show steps

Develops your understanding of cybersecurity risk assessment and mitigation strategies in a healthcare context.

Browse courses on Cybersecurity Incident Response

Show steps

Identify potential cybersecurity threats and vulnerabilities facing a healthcare organization.
Develop a plan for detecting, responding to, and recovering from cybersecurity incidents.
Implement security measures to protect patient data and systems.

Conduct a security assessment on a personal device

Show steps

Performing a security assessment on your own device will provide hands-on experience in identifying and addressing vulnerabilities.

Show steps

Choose a device to assess
Use security scanning tools to identify vulnerabilities
Analyze the results and identify areas for improvement
Implement measures to address the vulnerabilities

Conduct Simulated Cybersecurity Drills

Show steps

Provides hands-on experience in detecting, responding to, and remediating cybersecurity incidents.

Show steps

Define the scope and objectives of the simulation.
Create a realistic scenario based on common cybersecurity threats.
Conduct the simulation and monitor the performance of participants.

Participate in cybersecurity simulations

Show steps

Participating in cybersecurity simulations will allow you to experience real-life security scenarios in a controlled environment and enhance your response capabilities.

Browse courses on Security Training

Show steps

Identify and join cybersecurity simulation platforms or programs
Participate in simulations and follow the instructions
Analyze the results and identify areas for improvement

Career center

Learners who complete Cybersecurity in Healthcare (Hospitals & Care Centres) will develop knowledge and skills that may be useful to these careers:

Chief Information Security Officer (CISO)

A Chief Information Security Officer (CISO) is responsible for developing and implementing an organization's cybersecurity strategy. In healthcare organizations, CISOs play a critical role in ensuring that patient data is protected from unauthorized access, use, or disclosure. The Cybersecurity in Healthcare course can help prepare individuals for this role by providing them with a comprehensive understanding of the cybersecurity threats facing healthcare organizations and the best practices for mitigating these threats.

See salaries and explore the career path for Chief Information Security Officer (CISO)

Information Security Analyst

Information Security Analysts are responsible for monitoring and analyzing an organization's IT systems for security vulnerabilities. They also develop and implement security measures to protect these systems from unauthorized access, use, or disclosure. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific security challenges facing healthcare organizations.

See salaries and explore the career path for Information Security Analyst

Security Architect

Security Architects design and implement security solutions for organizations. They work with other IT professionals to identify and mitigate security risks, and they develop and implement security policies and procedures. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a comprehensive understanding of cybersecurity threats and vulnerabilities, as well as the best practices for designing and implementing security solutions.

See salaries and explore the career path for Security Architect

Security Consultant

Security Consultants help organizations to identify and mitigate security risks. They work with clients to develop and implement security strategies, and they provide training and support on cybersecurity best practices. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a comprehensive understanding of cybersecurity threats and vulnerabilities, as well as the best practices for developing and implementing security solutions.

See salaries and explore the career path for Security Consultant

Cybersecurity Engineer

Cybersecurity Engineers design, implement, and maintain cybersecurity systems. They work with other IT professionals to identify and mitigate security risks, and they develop and implement security solutions. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a comprehensive understanding of cybersecurity threats and vulnerabilities, as well as the best practices for designing and implementing security solutions.

See salaries and explore the career path for Cybersecurity Engineer

Healthcare IT Manager

Healthcare IT Managers are responsible for overseeing the IT operations of healthcare organizations. They work with other IT professionals to ensure that the organization's IT systems are secure, reliable, and efficient. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a comprehensive understanding of cybersecurity threats and vulnerabilities, as well as the best practices for implementing security solutions in healthcare organizations.

See salaries and explore the career path for Healthcare IT Manager

Healthcare Data Analyst

Healthcare Data Analysts collect, analyze, and interpret data to improve the quality and efficiency of healthcare services. They work with other healthcare professionals to identify and address patient safety issues, and they develop and implement data-driven solutions to improve patient care. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific security challenges facing healthcare organizations.

See salaries and explore the career path for Healthcare Data Analyst

Risk Manager

Risk Managers are responsible for identifying, assessing, and mitigating risks to an organization. They work with other employees to develop and implement risk management plans, and they monitor risks to ensure that they are managed effectively. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific risks facing healthcare organizations.

See salaries and explore the career path for Risk Manager

Compliance Officer

Compliance Officers are responsible for ensuring that organizations comply with laws and regulations. They work with other employees to identify and mitigate legal risks, and they develop and implement compliance programs. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific legal and regulatory requirements facing healthcare organizations.

See salaries and explore the career path for Compliance Officer

Data Privacy Officer

Data Privacy Officers are responsible for overseeing an organization's data privacy program. They work with other employees to ensure that the organization complies with data privacy laws and regulations, and they develop and implement data privacy policies and procedures. The Cybersecurity in Healthcare course may be useful for individuals who want to become Data Privacy Officers by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific data privacy challenges facing healthcare organizations.

See salaries and explore the career path for Data Privacy Officer

Auditor

Auditors review and evaluate an organization's financial and operational records to ensure that they are accurate and compliant with laws and regulations. They also provide recommendations for improving the organization's financial and operational performance. The Cybersecurity in Healthcare course may be useful for individuals who want to become Auditors by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific security challenges facing healthcare organizations.

See salaries and explore the career path for Auditor

Quality Assurance Manager

Quality Assurance Managers are responsible for developing and implementing quality assurance programs. They work with other employees to ensure that products and services meet quality standards, and they monitor quality to ensure that it is maintained. The Cybersecurity in Healthcare course may be useful for individuals who want to become Quality Assurance Managers by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific security challenges facing healthcare organizations.

See salaries and explore the career path for Quality Assurance Manager

Security Awareness Trainer

Security Awareness Trainers develop and deliver security awareness training programs for employees. They work with other IT professionals to identify the organization's security risks, and they design and deliver training programs to help employees to avoid these risks. The Cybersecurity in Healthcare course can help individuals prepare for this role by providing them with a comprehensive understanding of cybersecurity threats and vulnerabilities, as well as the best practices for developing and delivering security awareness training programs.

See salaries and explore the career path for Security Awareness Trainer

Information Security Manager

Information Security Managers are responsible for overseeing an organization's information security program. They work with other IT professionals to develop and implement security policies and procedures, and they monitor security to ensure that it is maintained. The Cybersecurity in Healthcare course may be useful for individuals who want to become Information Security Managers by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific security challenges facing healthcare organizations.

See salaries and explore the career path for Information Security Manager

IT Project Manager

IT Project Managers plan, organize, and execute IT projects. They work with other IT professionals to ensure that projects are completed on time, within budget, and to the required quality standards. The Cybersecurity in Healthcare course may be useful for individuals who want to become IT Project Managers by providing them with a foundation in cybersecurity concepts and practices, as well as an understanding of the specific challenges facing healthcare IT projects.

See salaries and explore the career path for IT Project Manager