Senior Living as Target According to Patel, the cybersecurity landscape for senior liv- ing communities has experienced significant changes in terms of threats and protective measures. He observed, “They have become attractive targets for cybercriminals due to the valuable personal health and financial information they possess.” Ransomware attacks, where hackers hijack data and demand
a ransom for it, have become more common. At the same time, phishing attacks and social engineering techniques, where cyber- criminals trick people into revealing sensitive information, are additional concerns; and cybercriminals aren’t just using emails for their phishing expeditions. Text messages and even phone calls are sometimes involved. “One of the biggest threats currently is bad operators,” said
Louderback. They are coming from all directions and even alert, trained people can be tricked into giving access to them. Hyman said, “We are seeing sophisticated attacks using social engineering where someone will text or call with so much information that the victim feels confident that the caller or texter is verified.” These “bad actors” will get information from LinkedIn and other online sources to seem knowledgeable and connected to their intended victims.
Building a Security-Savvy Organization This all may seem overwhelming, but a strategic, proactive ap- proach can help protect organizations and their customers. Patel said, “It may sound basic, but this all begins with the technology assessment.” This involves, he suggested, evaluating various as- pects of the facility’s IT systems, including hardware, software, network architecture, data storage, and access controls. “The results of this assessment will provide valuable insights into the facility’s existing cybersecurity practices and highlight areas that need attention, along with suggested steps to mitigate them,” he said.
Based on the assessment’s findings, it will be possible to take
steps needed to boost security measures. Patel said that these include implementing stronger access controls, updating outdated software, improving network security, or providing staff training on cybersecurity best practices. Patel said, “By taking this proactive step, facilities can address
potential vulnerabilities and reduce the risk of cyberattacks.” He added that having a documented assessment also can help when it is time to negotiate cybersecurity insurance rates by demonstrating the organization’s commitment to cybersecurity and risk reduction. Hyman further suggested making sure that every piece of
software the organization uses has either the appropriate secu- rity certification or the manufacturer or vendor has completed an approved assessment. It’s also vital, he said, to have detailed agreements with covered entities, contractors, business associ- ates, and others that address cybersecurity and outline specific rules and requirements. It also may be useful to mandate that there be special anti-malware software on any device used in the facility or for facility business.
“One of the biggest threats currently is bad operators, They are coming from all directions and even alert, trained people can be tricked into giving access to them.”
— Alex Louderback, CEO of BeeCentral
Locking Up Data Because the range of potential attacks is so broad, said Louder- back, it is important to ensure that any device your employees use – at work or at home – is updated to the latest version of security updates. At the same time, implement two-step authentication for any device that touches the network. “If you don’t have these things enabled, you are putting yourself at risk,” said Louderback. According to Patel, cybersecurity insurance has also become
increasingly important for senior living organizations to protect themselves from the financial and reputational risks associated with cyberattacks. However, there has been a noticeable trend of insurance rates increasing in recent years. “The constantly evolving nature of cyber risks makes it chal-
lenging for insurers to accurately assess and price the risk, leading to adjustments in insurance rates. Additionally, senior living com- munities have become specific targets for cybercriminals, increasing the likelihood of cyber incidents occurring and impacting insur- ance rates,” he said. To address this, senior living operators should prioritize robust
cybersecurity measures, such as regular security assessments, employee training, incident response planning, and thorough vendor evaluations. “Demonstrating a commitment to cyber- security and risk reduction may help negotiate more favorable insurance rates. Seeking guidance from cybersecurity experts and insurance brokers who specialize in the senior living industry can assist in finding appropriate coverage at competitive rates,” Patel said.
The Long, Long Train In the past, staff training mostly involved phishing tests, where the company sent out an email with a suspicious link to see if employees recognized and reported this attempted cyberattack. Today’s training should be interactive and hands-on and address the range of cybersecurity risks employees face. “Make testing and training a regular part of work. Have people
pose as bad actors trying to get into your system. For instance, have a caller see how much information they can get out of the front desk,” said Louderback. “Have a plan for what steps you will take for any type of cybersecurity attack – what you will do if and when something happens such as health records or personal information is leaked,” he added.
JULY/AUGUST 2023
ARGENTUM.ORG 23
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60
