(C) Daily Yonder - Keep it Rural
This story was originally published by Daily Yonder - Keep it Rural and is unaltered.
. . . . . . . . . .



Microsoft Provides Cybersecurity Program for Rural Hospitals [1]

['Liz Carey', 'The Daily Yonder', '.Wp-Block-Co-Authors-Plus-Coauthors.Is-Layout-Flow', 'Class', 'Wp-Block-Co-Authors-Plus', 'Display Inline', '.Wp-Block-Co-Authors-Plus-Avatar', 'Where Img', 'Height Auto Max-Width', 'Vertical-Align Bottom .Wp-Block-Co-Authors-Plus-Coauthors.Is-Layout-Flow .Wp-Block-Co-Authors-Plus-Avatar']

Date: 2025-04-07

Even though IT solutions exist to help rural hospitals stay ahead of cyber criminals, purchasing and implementing those solutions can be a cost that’s out of reach.

But a new program from Microsoft may be a key to addressing several of those challenges, officials said.

Microsoft’s Cybersecurity for Rural Hospitals Program is helping some rural hospitals across the country deal with data security issues, and nearly a third of all rural hospitals in America (more than 550) are participating in the program, receiving free cybersecurity assessments, cybersecurity training, and security product discounts.

A recent report from Microsoft found that rural hospitals are more susceptible to cyberattacks for a number of reasons – lack of resources, aging computer systems, a lack of IT specialists, and human error, to name just a few. The report found that rural healthcare operations house highly sensitive data on systems that are easier to exploit.

Preventing those attacks could save a rural healthcare system millions.

Studies by Comparitech have found that a U.S. healthcare system could lose as much as $1.9 million per day if a system is down because of a cyberattack. Although many larger hospitals can afford to pay whatever ransom bad actors demand, a rural hospital already under financial strain would only end up deeper in the red.

Alan Morgan, president and CEO of the National Rural Health Association, said cybersecurity is an issue for all hospitals, but rural hospitals see a bigger impact.

“The costs of maintaining (networks and security software) can be quite significant,” Morgan said in an email interview with the Daily Yonder. “It is important to note that large, well-financed national health systems have to date failed to prevent cyber-attacks on their organizations, so for a small rural hospital, with far fewer resources, the issue is even more daunting.”

One of the main entry points into a rural hospital’s data system, the report found, is human error. Of the 13 systems studied by Microsoft, including rural hospitals, 93% of the malicious cyber activity was related to phishing campaigns and ransomware, most of it coming through email-based threats.

“The human factor is a big component here,” Laura Kreofsky, Microsoft’s director of rural health resiliency, said in an interview with the Daily Yonder. “I always talk about the innocuous email from your sister-in-law that looks like ‘Check out the new baby picture.’ It’s just something seemingly innocent that can just cause a crisis within the hospital. And it’s significant in rural health care because they don’t have the resources across the board… to build out high-value training content and to have the mechanisms in place to ensure that all of the staff do the cybersecurity training on top of their required HIPAA training.”

The threat is real and growing, according to the Microsoft research study.

“Unless we act together, cyberattacks will continue to threaten the critical missions of rural hospitals,” the report stated. One example in the study concerned Texas, where five hospital data breaches in 2015 exposed more than 102,000 patient records; then in 2022, 44 attacks in Texas exposed nearly 6 million patient records.

“This spike is not an anomaly, but the result of focused efforts to target hospitals [that] are simultaneously under-resourced with vulnerable IT environments, and housing valuable patient data,” according to the report.

Officials with Microsoft said the goal of the cybersecurity program is to address not only immediate risks facing the hospitals, but to encourage broader systemic challenges as well. The program looks to solve the problem through multiple ways – first, by allowing independent cybersecurity firms to do a cyber risk assessment for the hospital, and, second, by providing training modules for the hospital’s employees to use.

“Part of the program is the software and the licensing that we’re offering, that helps sort of harden the organization from incoming cyber risk and just human error,” Kreofsky said. “Then there’s also the training pieces that we’ve put together … We have a basic cyber awareness training… (about) the things we need to do as individuals in society today, and, unfortunately, also particularly in healthcare.”

Further training within the program can enhance foundational cyber certification for IT people within a hospital and enable them to better harden systems against cyberattacks, she said.

According to the NRHA, rural hospitals should be working to mitigate the impact of cyberattacks by being prepared for them. In a policy paper, the organization recommends that rural health care facilities establish short-term strategies to handle ransom payment and downtime operations, while also looking to the future by implementing strategies to deal with future threats.

NRHA’s Morgan said many rural hospitals are already working to implement cybersecurity plans.

“Rural Hospitals are in many cases working with companies such as Microsoft and Google to help safeguard their facilities and certainly working as part of larger systems and networks to address the threat,” he said.

Related

Republish This Story Republish our articles for free, online or in print, under a Creative Commons license.

[END]
---
[1] Url: https://dailyyonder.com/microsoft-provides-cybersecurity-program-for-rural-hospitals/2025/04/07/

Published and (C) by Daily Yonder - Keep it Rural
Content appears here under this condition or license: Creative Commons CC BY-ND 4.0 International.

via Magical.Fish Gopher News Feeds:
gopher://magical.fish/1/feeds/news/dailyyonder/

You are viewing proxied material from magical.fish. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.