Strategies for addressing healthcare IT cybersecurity organizational resourcing
Finding IT professionals to fill open positions is reaching critical levels for many organizations. In fact, 63% of respondents to an ISACA report shared they had unfilled cybersecurity positions. Almost the same percentage–62%–stated their team was understaffed, taking more than six months to fill open positions. In healthcare, those vacancies can be magnified by new requirements from cyberinsurance providers and regulatory bodies.
It’s no surprise that salary requirements have risen considerably over the past few years. While remote worker options have helped, it has also made it more difficult and costly for organizations in remote areas that can’t compete with the larger orgs. As the cybersecurity talent shortage continues, higher salaries for less experienced professionals should be expected. Over time this creates issues with mentorship and, more importantly, having the experience to maintain command and control during an incident. Being shorthanded or inexperienced is not ideal in any situation, especially during an incident.
Healthcare organizations are faced with the tough decision of whether to keep it all in-house or outsource, but even for those using staffing agencies, open seat time is still often measured in weeks and months, not days. And as with most IT challenges, there are multiple ways to approach a solution. Utilizing an expertise on-demand service is one way to tackle the expertise shortage in a new way.
Fortified provides expertise on-demand services that leverage the full set of healthcare cybersecurity expertise, technologies, and processes many organizations are looking to implement themselves. The question is often asked, how can you find the people we can’t?
There are a few factors to consider when evaluating the total level of effort and cost in finding people. First, a specialized firm like Fortified can help spread not only the “wealth” but also the cost of expertise. In plain language, Fortified can compete with the largest of organizations regarding finding the right people. And cybersecurity firms can also be a draw for more senior professionals because they often have advancement or research opportunities that aren’t there in a hospital setting. Consulting work can provide an ever-changing workload that appeals to many experienced professionals. When also taking into consideration the technology and process in place at Fortified, the expertise on-demand approach can be cost-effective for many healthcare organizations.
To learn more about cybersecurity expertise trends and Fortified expertise on-demand services, you can watch my recent presentation to the Fortified Ecosystem.