The Hidden Cybersecurity Threat Lurking on Your Physician’s Desk

Healthcare is a prime target for cybercriminals, and while IT teams focus on protecting networks and medical devices, there’s one device that remains surprisingly vulnerable. What is it? It’s the quiet, reliable machine on the desk of most physicians, nurses, and administrators – PC workstations.

Healthcare IT Today had the chance to learn more about the vulnerability of PC workstations from Brennen Reynolds, VP of Global Sales Engineering & Professional + Managed Services at Absolute Security.

“We recently analyzed over a million devices in healthcare, and on any given day, security controls were either not running as expected and in some cases missing from the endpoints as much as 15 percent of the time,” said Reynolds. That means thousands of devices could be sitting unprotected, waiting for the next ransomware attack to exploit them.

Key Takeaways

1. Security controls don’t always stay on. Updates break things, users disable protections, and IT teams struggle to keep up with constantly shifting vulnerabilities.
2. Hardware-level security offers a fix. Absolute Security’s embedded software reinstalls itself even if a device is wiped, ensuring protection is always in place.
3. Healthcare’s cybersecurity spending isn’t enough. Cybersecurity is now a board-level conversation, but hospitals still lack resources to stay ahead of evolving threats.

Managing Entropy

According to Reynolds, the cybersecurity challenge in healthcare is not just about patching software or installing antivirus—it’s about managing entropy.

“Software updates break things. Users disable protections. It’s not always malicious, but it leaves doors open,” Reynolds explained. Vulnerabilities shift constantly, making it difficult for IT teams to keep up.

Absolute Security’s embedded solution offers a different approach: starting security at the hardware level. “Our software is built directly into the device, so even if someone wipes the hard drive, it reinstalls itself. It’s always there,” he said.

Right Amount of Attention on Cybersecurity?

There is no doubt that more attention on cybersecurity is needed from all members of the healthcare ecosystem – providers, payers, and vendors. But what is the right amount of attention? We posed this tough question to Reynolds.

“Security used to be an afterthought, but now it’s a board-level conversation,” Reynolds noted. To him, that is progress. The challenge Reynolds sees is not one of awareness. Most organizations are aware of the negative outcomes a cybersecurity incident can cause.

The difficulty is that healthcare organizations are not able to hire and retain cybersecurity talent. “There aren’t enough trained professionals, and budgets are stretched thin,” said Reynolds. Instead of just hiring more staff, Reynolds suggests automation and AI-driven security to help IT teams stay ahead of threats.

This may be one of the reasons why Absolute’s embedded security solution has been gaining traction with healthcare customers. Having something that just works and runs constantly in the background means less burden on already stretched cybersecurity personnel. Much like the venerable PC workstation – Absolute’s solution just works quietly and reliably.

Learn more about Absolute Security at https://www.absolute.com/

Listen and subscribe to the Healthcare IT Today Interviews Podcast to hear all the latest insights from experts in healthcare IT.

And for an exclusive look at our top stories, subscribe to our newsletter and YouTube.

Tell us what you think. Contact us here or on Twitter at @hcitoday. And if you’re interested in advertising with us, check out our various advertising packages and request our Media Kit.

Absolute Security is a proud sponsor of Healthcare Scene.