Working aid for information security officers and information for the hospital management
Hospitals and many other healthcare facilities bear a special responsibility for the resilience of their IT infrastructures in several respects. The care of patients with the support of state-of-the-art IT systems must be guaranteed just as reliably as the protection of sensitive patient data.
IT security incidents in clinics and hospitals that have become public knowledge show that medical facilities can increasingly fall victim to a cyber attack, both in a targeted and untargeted manner. The changed global political situation may also have to be taken more into account in the future when designing security measures to protect critical infrastructures.
Not least because of the increasing digitization in the field of medical care, hospitals in particular are increasingly facing major challenges with regard to the protection and resilience of their IT systems, processes and components that are relevant to medical care.
With our handout, we give information security officers and hospital management the most important tips for designing information security in hospitals.
Calculation tool for personnel capacities for an information security officer
With the help of our calculation tool, clinics can use their tasks and capacities to estimate how great the need for an information security officer is in their hospital. The assessment of the workload can be a basis for the design of a job.
The tool can be downloaded here:
How do I protect my hospital?
The technical development in the IT sector in the last 25 years has been enormous and has also led to completely new possibilities in the healthcare sector. This is an encouraging development, since technical advances have significantly improved the efficiency and quality of a hospital’s central business processes. However, there is also a dark side that has manifested itself dramatically in recent months: hospitals have been victims of cyber attacks.
If you reduce the very extensive implementation instructions, orientation aids, recommendations for action as well as the recognized standards and regulations to six essential points, which offer the greatest possible benefit and protection against cyber attacks, then these are the following six basics according to experience. The vast majority of cyber attacks can be prevented or significantly reduced in impact by taking these steps.
In this guide, which is continuously updated in line with current technological developments and the latest findings, the Cyber Security Council Germany e.V., with the kind support of our member AuraSec GmbH, presents the most important measures.
How do I protect my company?
Small and medium-sized enterprises are the backbone of the German economy. They generate a large part of the gross national product and provide jobs for millions. Small and medium-sized companies are attractive, but unfortunately so are cybercriminals. More than half of cyber attacks hit small and medium-sized businesses with fewer than 500 employees. In the case of many smaller medium-sized companies, there is also the fact that they do not have the same cyber security infrastructure as large corporations that can finance and maintain their own IT departments and comprehensive IT security protection.
The good news is that even small businesses can protect themselves by taking concrete steps that are easy to adopt and maintain.
The vast majority of cyber attacks can be prevented or mitigated by taking these steps.
In this guide, which is continuously updated in line with current technological developments and the latest findings, the Cyber Security Council Germany e.V. presents you with the most important steps.
How do I protect myself as a private individual?
Most people spend a lot of time on the internet. They order in online shops, they book trips, they make transfers or stream series. The Internet is a natural part of everyday life.
When you hear about cyber attacks on large companies or government agencies, it’s easy to think that the risk to consumers is much smaller. Unfortunately, individuals are particularly at risk. This starts with malware and spam e-mails and extends to phishing attacks to steal bank details and passwords.
The good news is that individuals and families can also protect themselves by taking concrete steps that are easy to implement and maintain. The vast majority of cyber attacks can be prevented or intercepted by taking such steps.
In this guide, the Cyber Security Council Germany e.V. presents you with the most important steps.